[VIM] http://cve.mitre.org/cgi-bin/cvename.cgi?name=2005-4495 (fwd)

Steven M. Christey coley at linus.mitre.org
Wed Jan 18 00:59:36 EST 2006

On Wed, 18 Jan 2006, security curmudgeon wrote:

> I'm not sure if that helps or makes this more confusing, since most VDBs
> have a policy against site specific vulnerabilities =) But, if they
> include this CMS package on every web site they design, to me that sounds
> like a commercial package, just not one sold as a COTS traditional
> package.

Yes, I'm starting to think that this is in the scope of "normal"
vulnerabilities to report in a vuln DB.  But since it's so close to
site-specific vulns it can be very hard to figure out, plus there's the
question of live testing.

- Steve

More information about the VIM mailing list