[VIM] phpMUR Remote File Disclosure Vulnerability

rkeith rkeith at securityfocus.com
Wed Aug 11 10:42:09 CDT 2010


Hey George,

That app hasn't been updated since 2007, so presumably that was the test version.

And yep, is a class file, calling it directly won't get you much.

We will retire the BID shortly.

-Rob

George A. Theall wrote:
> Exploit DB 14615 / Bugtraq 42353, which concerns a file disclosure vuln
> in phpMUR, looks bogus to me. At least in phpMUR.2007.10.16, the current
> version, the affected file is a class file, and you can't reach any of
> the member functions by calling the script directly as the advisory claims.
> 
> George

-- 
Rob Keith
Symantec


More information about the VIM mailing list