[VIM] [Full-disclosure] Advisory: Internet Explorer Drag and Drop Redeux [CVE-2005-3240] (fwd)

Matthew Murphy mattmurphy at kc.rr.com
Tue Feb 14 00:39:55 EST 2006

Hash: RIPEMD160

security curmudgeon wrote:
> OSVDB 2707 is public now, thanks!
> we're still holding OSVDB 536 for you.

My screw-ups on this one (like not sending the *revised* version of the
advisory to the lists) have really made things complicated.  I'd
recommend linking to SecuriTeam rather than my mailing list post (which
now contains some known accuracy problems).

That link is: http://www.securiteam.com/windowsntfocus/5MP0B0UHPA.html

It presently contains the broken CVE/Bugtraq links but should be getting
an update soon to fix that.  Should any *other* issues emerge, that
advisory will also be updated.

As many things as I f---ed up on this release, I wouldn't be surprised
if there are more updates.  Pardon my scatter-brainedness.

Lesson learned: don't try to release an advisory when you've been
seriously short of sleep.

- --
"Social Darwinism: Try to make something idiot-proof,
nature will provide you with a better idiot."

                                -- Michael Holstein

Version: GnuPG v1.4.2 (MingW32)
Comment: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB5444D38

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3436 bytes
Desc: S/MIME Cryptographic Signature
Url : http://www.attrition.org/pipermail/vim/attachments/20060214/7df58715/attachment-0001.bin 

More information about the VIM mailing list