[VIM] http://cve.mitre.org/cgi-bin/cvename.cgi?name=2005-4495 (fwd)
jericho at attrition.org
Wed Jan 18 00:55:32 EST 2006
: In addition, it appears that SpireMedia offers a service, more than a
: specific software package that customers can buy and install by
: themselves. If this is the case, then it would be outside the normal
: scope of CVE and we would note it explicitly.
I considered this before my reply, but found this on their web page:
Every SpireMedia-built website comes with a content management solution.
Our CMS scales to the enterprise and includes permissions-based
workflow, automated publishing and expiration of content,
component-based controls for all modules, multiple-site support, and
support for unlimited design templates.
I'm not sure if that helps or makes this more confusing, since most VDBs
have a policy against site specific vulnerabilities =) But, if they
include this CMS package on every web site they design, to me that sounds
like a commercial package, just not one sold as a COTS traditional
More information about the VIM