[VIM] CVE-2006-2823

Stuart Moore smoore at securityglobal.net
Thu Jun 8 09:47:54 EDT 2006


Hi.  The recently reported "new bug" in a.shopKart 2.0 [assigned 
CVE-2006-2823] is actually an old bug reported by CyberTalon back in 
March 2004:


It appears that there is no 2004-year CVE number assigned.  I couldn't 
find any references in SF, Secunia, OSVDB, but ISS XForce assigned it 
ashopkart-database-file-access (15599).

The vendor (URLogy) appears to be the same entity as Katrien De Graeve.

Should the new CVE number be applied to the old report?


More information about the VIM mailing list