[VIM] [OSVDB Mods] FileRun vulns

Steve Tornio steve at vitriol.net
Tue Jul 14 13:58:39 UTC 2009

On Mon, Jul 13, 2009 at 7:25 PM, Ryan Russell <ryan at thievco.com> wrote:

> I have a "vendor response" from FileRun:
> "Those vulnerabilities were published in February 2007 by
> "pridels0.blogspot.com" and taken over by "http://secunia.com/". Since
> then, this information was copied by all kind of websites with
> information on software vulnerabilities. Anyway, they were affecting the
> public demo that was on display and were fixed in the first FileRun
> major version (1.0).

It looks like the Secunia (and the rest of us) borked the link.  The
original report can be viewed at

r0t claims that 1.0 and earlier are affected, so that seems to be at odds
with the vendor response.  Are you able to verify whether 1.0 is vulnerable?

Covering these:
> http://osvdb.org/search?search[vuln_title]=filerun&search[text_type]=titles<http://osvdb.org/search?search%5Bvuln_title%5D=filerun&search%5Btext_type%5D=titles>

I'm going to update our entries with the new advisory URL.  If you come up
with any additional info, feel free to forward it on, or mangle it up and
we'll push out the update.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.attrition.org/pipermail/vim/attachments/20090714/9af0cd73/attachment.html 

More information about the VIM mailing list