[VIM] CVE-2013-0332 / CVE-2013-0232 (Zoneminder) mapping errors

Christey, Steven M. coley at mitre.org
Wed Mar 20 08:58:39 CDT 2013

Apparently some sources, including Exploit-DB and OSVDB, are using incorrect CVEs for Zoneminder issues.

Whether this was a typo somewhere I don't know.

http://www.openwall.com/lists/oss-security/2013/02/21/8 links CVE-2013-0332 with an LFI/directory-traversal issue 

http://www.openwall.com/lists/oss-security/2013/01/28/2 links CVE-2013-0232 with code execution involving packageControl() and exec().

EXPLOIT-DB: 24310 and OSVDB: 89529 are both for packageControl() and map to -0332, but this should be -0232.

CVE-2013-0332 and CVE-2013-0232 will be public in about an hour.

- Steve

More information about the VIM mailing list