[VIM] Apple OS X ATSServer CFF CharStrings INDEX Sign Mismatch
Steven M. Christey
coley at linus.mitre.org
Sat Nov 20 15:24:48 CST 2010
I think we caught this confusion before we created CVE-2010-4010, and we
clarified by email with Apple that these weren't dupes. We inferred that
the Apple advisory archives had been modified to use the new CVE.
- Steve
On Fri, 19 Nov 2010, George A. Theall wrote:
> Core Security's advisory recent Mac OS X advisory
> (http://www.coresecurity.com/content/Apple-OSX-ATSServer-CharStrings-Sign-Mismatch)
> seems to be creating confusion. For example, there's this entry in their
> timeline:
>
> "2010-11-11: Apple informs Core that due to a clerical error they used the
> identifier CVE-2010-1797 for their advisory, instead of CVE-2010-4010. "
>
> Fortunately, this doesn't seem to have introduced any problems with the two
> CVE entries themselves. Had you noticed this, Steve?
>
> SecurityFocus, though, has two BIDs that seem to be for CVE-2010-4010 -- BID
> 44729 created last week and BID 44984 created today. Rob?
>
>
> George
> --
> theall at tenablesecurity.com
>
>
>
More information about the VIM
mailing list