[VIM] CVE-2007-5324 (IBM DB2JDS overflows) is a dupe of CVE-2007-2582

Steven M. Christey coley at mitre.org
Sat Oct 13 00:21:16 UTC 2007

ZDI recently confirmed to me that the IBM DB2JDS overflows they just
reported are already covered by CVE-2007-2582.  The link between the
two is APAR IY97750, which was vaguely written in the initial
disclosure, but it's the proper fix for the ZDI overflows.

Just FYI, since some VDB's appear to have duplicate entries.  We're
using CVE-2007-2582 since it's been out longer.

- Steve

More information about the VIM mailing list