[VIM] FALSE -> DynamicPAD HomeDir RFI
Steven M. Christey
coley at linus.mitre.org
Tue May 8 17:31:17 UTC 2007
On Tue, 8 May 2007, str0ke wrote:
> I don't have the source code to go back over 1.02 but it did seem
> vulnerable before.
There seems to be an unfortunate habit by some researchers where they'll
test an older version (maybe live on a site somewhere) and just assume the
latest version is vulnerable, and report the latest version. Yet another
painful part of the dispute process. When I do a dispute, I try to get
some older source code just in case of these researcher errors, but of
course that's not always feasible and it usually doesn't pay off.
More information about the VIM