[VIM] Vendor dispute - CVE-2006-5840 (abarcar Realty Portal)
Steven M. Christey
coley at mitre.org
Thu Dec 7 16:51:38 EST 2006
Researchers: Laurent Gaffié and Benjamin Mossé
The vendor disputed this issue to CVE via e-mail, stating that:
- version 5.1.5 had been discontinued in 2003
- 6.xx was discontinued in early 2006
- the current version only does static pages without parameters
- "the parameter 'slid' and the file 'slistl.php' never existed in
any abarcar Realty Portal version"
- questions to the original researchers were not answered.
There was no statement regarding whether the discontinued versions
were subject to the newsdetails.php/neid vector.
I don't have any additional analysis.
- Steve
More information about the VIM
mailing list