[VIM] DLL hell: 2010

Steven M. Christey coley at linus.mitre.org
Fri Aug 27 13:16:34 CDT 2010

Anybody giving thought to what they will do if / when every single vuln 
that's affected by DLL hijacking / library loading is actually reported? 
Maybe it's worse for CVE because we have a "CVE-10K" problem (i.e. what to 
do if we hit CVE-yyyy-9999) but at some point one has to wonder about the 
usability of VDBs if they're completely swamped by this issue.

It's got to be on the order of hundreds if not thousands of potentially 
vulnerable apps.  Apparently exploit-db has given up doing individual 
records for them.

- Steve

More information about the VIM mailing list