[VIM] CVE-2006-0484 (under review) - poblem sovled (Info from Vendor) (fwd)

Steven M. Christey coley at linus.mitre.org
Fri Feb 3 21:56:45 EST 2006


guess vis.pl really *is* part of face control ;-)


---------- Forwarded message ----------
Date: Sat, 4 Feb 2006 04:53:46 +0200
From: support
To: cve at mitre.org
Subject: RE: CVE-2006-0484 (under review) - poblem sovled (Info from Vendor)


RE: CVE-2006-0484 (under review)
Directory traversal vulnerability in Vis.pl, as part of the FACE CONTROL
product, allows remote attackers to read arbitrary files via a .. (dot dot) in any
parameter that opens a file, such as (1) s or (2) p.

The Isue was solved by our program team. All the clients are provided  with
proper system updates.

Thank you.

Face Control Program Team



More information about the VIM mailing list