[VIM] http://cve.mitre.org/cgi-bin/cvename.cgi?name=2005-4495 (fwd)
Steven M. Christey
coley at linus.mitre.org
Wed Jan 18 00:59:36 EST 2006
On Wed, 18 Jan 2006, security curmudgeon wrote:
> I'm not sure if that helps or makes this more confusing, since most VDBs
> have a policy against site specific vulnerabilities =) But, if they
> include this CMS package on every web site they design, to me that sounds
> like a commercial package, just not one sold as a COTS traditional
> package.
Yes, I'm starting to think that this is in the scope of "normal"
vulnerabilities to report in a vuln DB. But since it's so close to
site-specific vulns it can be very hard to figure out, plus there's the
question of live testing.
- Steve
More information about the VIM
mailing list