[VIM] DLL hell: 2010
Steven M. Christey
coley at linus.mitre.org
Fri Aug 27 13:16:34 CDT 2010
Anybody giving thought to what they will do if / when every single vuln
that's affected by DLL hijacking / library loading is actually reported?
Maybe it's worse for CVE because we have a "CVE-10K" problem (i.e. what to
do if we hit CVE-yyyy-9999) but at some point one has to wonder about the
usability of VDBs if they're completely swamped by this issue.
It's got to be on the order of hundreds if not thousands of potentially
vulnerable apps. Apparently exploit-db has given up doing individual
records for them.
More information about the VIM