[VIM] ZDI-10-029: Apple WebKit innerHTML element Substitution Remote Code Execution Vulnerability
ZDI Disclosures
zdi-disclosures at tippingpoint.com
Mon Apr 26 14:32:43 UTC 2010
Brian,
Actually the site shows different CVE IDs for these two cases:
Let me know if you have further questions on this. Perhaps it was updated after you initially saw it listed.
Best,
Kate
CVE ID: ZDI ID
--------------------- ------
CVE-ID: CVE-2010-0047 ZDI-10-029
CVE-ID: CVE-2010-0050 ZDI-10-031
-----Original Message-----
From: security curmudgeon [mailto:jericho at attrition.org]
Sent: Saturday, April 17, 2010 2:55 PM
To: ZDI Disclosures
Cc: vim at attrition.org
Subject: Re: ZDI-10-029: Apple WebKit innerHTML element Substitution Remote Code Execution Vulnerability
Hi ZDI,
: ZDI-10-029: Apple WebKit innerHTML element Substitution Remote Code Execution Vulnerability
: http://www.zerodayinitiative.com/advisories/ZDI-10-029
: March 15, 2010
: CVE-2010-0050
Apple Webkit Blink Event Dangling Pointer Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-031/
March 16th, 2010
CVE-2010-0050
Same researcher, but vulnerabilities were reported to vendor six days apart. Can you confirm both advisories should have the same CVE assigned?
Brian
OSVDB.org
More information about the VIM
mailing list