[VIM] vendor dispute on CVE-2006-3253
Stuart Moore
smoore at securityglobal.net
Mon Jul 3 13:06:45 EDT 2006
The vendor has contacted us to dispute the crazy cracker posting
regarding a cross-site scripting vulnerability in vBulletin:
http://securitytracker.com/id?1016348
The vendor has been unable to reproduce this, testing versions 3.5.4,
3.6.0 and even 3.0.x.
I did some random spot testing and was also unable to reproduce anything.
Interestingly, crazy cracker's web site runs vBulletin 3.5.4.
I've sent mail to crazy cracker to ask for additional information, but
last time I did that, I got no response.
Stuart
More information about the VIM
mailing list