[VIM] recent MSIE vulns and value
security curmudgeon
jericho at attrition.org
Mon Aug 3 23:38:12 UTC 2009
http://www.microsoft.com/technet/security/bulletin/MS09-034.mspx
Acknowledgments
Microsoft thanks the following for working with us to help protect
customers:
Peter Vreugdenhil of VeriSign iDefense Labs for reporting the Memory
Corruption Vulnerability (CVE-2009-1917)
Peter Vreugdenhil, working with TippingPoint and the Zero Day Initiative,
for reporting the Uninitialized Memory Corruption Vulnerability
(CVE-2009-1919)
--
This is interesting. I wonder if we can read into this to mean that
iDefense and ZDI disagreed on the value of the vulnerabilities, and
Vreugdenhil sold to the company who put more value on each?
More information about the VIM
mailing list