[VIM] Milw0rm 4392 - CVE-2007-3997 [Dupe]

GM darkfig gmdarkfig at gmail.com
Tue Sep 11 21:25:27 UTC 2007


Hi all,
This bug was reported by Dave Wilson on 2002.

**2002
[PHP Bugs] http://bugs.php.net/bug.php?id=15408
[Exploit] http://www.securiteam.com/exploits/5LP03156AC.html

**2003
[PHP Bugs] http://bugs.php.net/bug.php?id=23779

**2007 [Dupe]
[Milw0rm] http://www.milw0rm.com/exploits/4392
[CVE] http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3997

The PHP team patched this vulnerability on PHP 5.2.4 (5 years after
the submission).
They credited Mattias Bengtsson (I think that he is also <php at jkt
dot wz dot cz>)  who posted (in 2003 and 2007) another one text about
this.

So, the credits goes to Dave Wilson.
mattias at secweb.se, po at secweb.se and php at jkt.wz.cz doesn't have to be
credited for that.

Next time, before writing a paper about a new vulnerability, they
should search if the vulnerability has already been discovered.


More information about the VIM mailing list