[VIM] CVE-2009-4006

security curmudgeon jericho at attrition.org
Wed Dec 9 09:47:24 UTC 2009


And by that, i meant nvd.nist.gov

(wow, most traffic VIM has seen in weeks!)

On Wed, 9 Dec 2009, security curmudgeon wrote:

: 
: No one from nvd.gov currently subscribes to VIM. I am CC'ing them on this 
: mail and making sure they are aware of this list =)
: 
: In general, text issues should go to cve at mitre.org (or here, we know Steve 
: reads) and anything CVSS related should go to nvd at nist.gov, as they 
: calculate the scores.
: 
: .b
: 
: p.s. NVD: http://attrition.org/mailman/listinfo/vim
: 
: 
: 
: On Wed, 9 Dec 2009, Carsten H. Eiram wrote:
: 
: : I just noticed that the NVD CVSS2 score sets "Au:S". That is incorrect -
: : no authentication is required.
: : 
: : cheers,
: : /Carsten
: : 
: : 
: : On Wed, 2009-12-09 at 11:34 +0200, Noam Rathaus wrote:
: : > The text here:
: : > http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4006
: : > 
: : > Says:
: : >  hexidecimal
: : > 
: : > I believe the right word is 
: : >  hexadecimal
: : > 
: : > Thanks,
: : > Noam.
: : > 
: : -- 
: : 
: : Med venlig hilsen / Kind regards
: : 
: : 
: : Carsten H. Eiram
: : Chief Security Specialist
: : 
: : Secunia 
: : Weidekampsgade 14 A
: : DK-2300 Copenhagen S
: : Denmark
: : 
: : Phone  +45 7020 5144
: : Fax    +45 7020 5145
: : 
: 


More information about the VIM mailing list