[VIM] OSVDB 67800 / CVE-2010-3205 - Textpattern dispute

security curmudgeon jericho at attrition.org
Sat Oct 2 16:07:01 CDT 2010


http://osvdb.org/show/osvdb/67800

http://cve.mitre.org/cgi-bin/cvename.cgi?name=2010-3205

This is not a vulnerability. The code in question does not execute until 
after separate authentication and authorization checks. Even a logged-in 
user with full privileges cannot get this code to include a file from 
outside the application.


Comment submitted from:
Frontier Communications of America, Inc. FRTR-71-111-192-0 
(NET-71-111-192-0-1) 71.111.192.0 - 71.111.255.255



More information about the VIM mailing list