[VIM] Energizer DUO USB battery charger Issue

Steven M. Christey coley at linus.mitre.org
Wed Mar 10 21:37:07 UTC 2010

The CVE was assigned by CERT but I agree with it.  The software came from 
a vendor web site and it allows much more access than the sysadmin 
intends.  Doesn't matter whether it got compromised at the distribution 
point or if this was intentional by the vendor.  We have a small handful 
of things like this in CVE.  There's a slippery slope between this and 
"POtentially Unwanted Software" though.

- Steve

More information about the VIM mailing list