[VIM] Are we REALLY going to go there?
Steven M. Christey
coley at mitre.org
Tue May 30 02:50:00 EDT 2006
Ref: BUGTRAQ:20060523 Assetman <= 2.4a XSS
http://www.securityfocus.com/archive/1/archive/1/435139/100/0/threaded
Are VDB's REALLY going to continue to go down this road of recording
vague, completely unactionable researcher disclosures without any
vendor contact or details on attack vectors or bug types? (not
including post-disclosure analysis that finds the specifics, of
course.)
It's taking all my mental energy to hold back from making a rather
unproductive, voluminous rant.
- Steve
More information about the VIM
mailing list