[VIM] Who's Right?

security curmudgeon jericho at attrition.org
Thu May 22 01:49:43 UTC 2008

: Looking at the ithe buffer overflow announced today in Domino, I noticed 
: IBM suggests that exploitation only results in a denial of service while 
: MWR, the researchers who are credited with discovery, talk about 
: arbitrary code execution with local SYSTEM privileges, for which they 
: claim to have a working PoC for Windows.  I wonder who's right...

Doesn't IBM have a history of downplaying overflows, only mentioning the 
DoS angle?

More information about the VIM mailing list