[VIM] BID 48170 Confusion
security curmudgeon
jericho at attrition.org
Sat Jul 9 16:09:03 CDT 2011
late to the party I know..
: The 1.4.27 release announcement referenced in the BID shows it was
: published in May 20th, 2010 and credits Ilja van Sprundel for
: discovering the vulnerability.
CVE-2010-4667
: The 1.5.12 release announcement referenced in the BID shows it was
: published in January 2nd, 2011 and credits Janek Vind.
CVE-2011-2476
For a bit easier tracking.
OSVDB will be adding an entry for the command injection issues you
mentioned.
More information about the VIM
mailing list