[VIM] Blaming product vendors for other vendors' "features"
security curmudgeon
jericho at attrition.org
Tue Oct 25 21:39:00 EDT 2005
: But you see this kind of stuff all over the place in A-V, even with
: corrupted files that are rejected by most - but not all - tools (e.g.
: CVE-2005-3210 through CVE-2005-3235).
:
: I think this kind of happened with MS-DOS device names a number of years
: ago, when it used to cause a blue screen. Various products had to put
: in defenses/workarounds to protect themselves against what was basically
: an OS bug.
Not just a few years ago =) We're still seeing the classic MS-DOS Device
Name DoS today.
More information about the VIM
mailing list