[VIM] ZDI-10-029: Apple WebKit innerHTML element Substitution Remote Code Execution Vulnerability

ZDI Disclosures zdi-disclosures at tippingpoint.com
Mon Apr 26 14:32:43 UTC 2010


Brian,

Actually the site shows different CVE IDs for these two cases:
Let me know if you have further questions on this. Perhaps it was updated after you initially saw it listed.

Best,
Kate

CVE ID:                        ZDI ID
---------------------          ------
CVE-ID: CVE-2010-0047          ZDI-10-029
CVE-ID: CVE-2010-0050          ZDI-10-031


-----Original Message-----
From: security curmudgeon [mailto:jericho at attrition.org] 
Sent: Saturday, April 17, 2010 2:55 PM
To: ZDI Disclosures
Cc: vim at attrition.org
Subject: Re: ZDI-10-029: Apple WebKit innerHTML element Substitution Remote Code Execution Vulnerability


Hi ZDI,

: ZDI-10-029: Apple WebKit innerHTML element Substitution Remote Code Execution Vulnerability
: http://www.zerodayinitiative.com/advisories/ZDI-10-029
: March 15, 2010
: CVE-2010-0050

Apple Webkit Blink Event Dangling Pointer Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-031/
March 16th, 2010
CVE-2010-0050

Same researcher, but vulnerabilities were reported to vendor six days apart. Can you confirm both advisories should have the same CVE assigned?

Brian
OSVDB.org


More information about the VIM mailing list