[VIM] OSVDB 67800 / CVE-2010-3205 - Textpattern dispute

security curmudgeon jericho at attrition.org
Sat Oct 2 16:07:01 CDT 2010



This is not a vulnerability. The code in question does not execute until 
after separate authentication and authorization checks. Even a logged-in 
user with full privileges cannot get this code to include a file from 
outside the application.

Comment submitted from:
Frontier Communications of America, Inc. FRTR-71-111-192-0 
(NET-71-111-192-0-1) -

More information about the VIM mailing list