[VIM] recent MSIE vulns and value

security curmudgeon jericho at attrition.org
Mon Aug 3 23:38:12 UTC 2009



Microsoft thanks the following for working with us to help protect 
Peter Vreugdenhil of VeriSign iDefense Labs for reporting the Memory 
Corruption Vulnerability (CVE-2009-1917)

Peter Vreugdenhil, working with TippingPoint and the Zero Day Initiative, 
for reporting the Uninitialized Memory Corruption Vulnerability 


This is interesting. I wonder if we can read into this to mean that 
iDefense and ZDI disagreed on the value of the vulnerabilities, and 
Vreugdenhil sold to the company who put more value on each?

More information about the VIM mailing list