[VIM] CVE-2007-5324 (IBM DB2JDS overflows) is a dupe of CVE-2007-2582
Steven M. Christey
coley at mitre.org
Sat Oct 13 00:21:16 UTC 2007

ZDI recently confirmed to me that the IBM DB2JDS overflows they just
reported are already covered by CVE-2007-2582. The link between the
two is APAR IY97750, which was vaguely written in the initial
disclosure, but it's the proper fix for the ZDI overflows.

Just FYI, since some VDBs appear to have duplicate entries. We're
using CVE-2007-2582 since it's been out longer.

- Steve