[VIM] Question regarding ZDI-12-017's CVE
ZDI Disclosures
zdi-disclosures at tippingpoint.com
Mon Jun 18 10:59:03 CDT 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello,
I have sent an additional request to Oracle as I note we have 9 published
advisories without CVE#s from them. I hope they will respond in a timely
manner and I will forward on the CVEs as soon as I receive them
Thank you,
The ZDI Team
- -----Original Message-----
From: security curmudgeon [mailto:jericho at attrition.org]
Sent: Monday, June 11, 2012 6:35 PM
To: ZDI Disclosures
Cc: vim at attrition.org
Subject: RE: [VIM] Question regarding ZDI-12-017's CVE
: Thank you for the insight. I did not know this.
:
: I had just pinged Oracle for CVE's related to tomorrow's patches they
: are releasing. I will go ahead and ask for this one as well. Any others
: that ZDI was a part of that you'd like Oracle CVE's for?
I don't think so at this time, but this comes up every patch cycle (just
not specific to ZDI). We appreciate you and other researchers asking for
the association. To this date, we still have 3rd party advisories on
Oracle that we cannot associate with a CVE, some going back as far as 2007
if memory serves.
-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 10.2.0 (Build 1950)
Charset: utf-8
wsBVAwUBT99QNVVtgMGTo1scAQIsjwgAp13gEVHkvk9yUG7HE1mYBw05benHAkpc
e28lZa8W5mzaKYmZsJ7Lt9iHfjA/vEXnl/wemn2hRG2E8pOe3rnX8yKuxxCLY0bD
bMXLPD+lc0+lVAUy4bmSFDbMB4/fY4Sls/9T4fug/OkzXNToV/AdFXcYD8LgA378
fTGsoNd++w8ujT2NWQxOCKWyKkx3lzydiSyI6A8Y+pXb4KMrXdMeidWrB4rpEpj1
RV8EXqmxp6+tFKogK0j/SDN7R3QfUKCGwNGPI+fsLXdlAB4cwOqwg3X58RghJxNh
dHWZFINs+i+eoHWGUmgZrsYuv9NY4uxmhBCVTvz111SEk+/XfM7I/Q==
=930j
-----END PGP SIGNATURE-----
More information about the VIM
mailing list