[VIM] Microsoft Internet Explorer CVE-2013-3871 Memory Corruption Vulnerability
security curmudgeon
jericho at attrition.org
Fri Oct 11 15:44:18 CDT 2013
: Mitre has not rejected the CVE either, although that entry still
: references MS13-080.
:
: Perhaps someone from ZDI can shed some light since, according to an
: earlier copy of the advisory
: (http://web.archive.org/web/20131009121613/http:/technet.microsoft.com/en-us/security/bulletin/ms13-080),
: the CVE is for an issue reported by Simon Zukerbraun working through
: them.
http://www.zerodayinitiative.com/advisories/ZDI-13-232/
This was public for a bit. OSVDB 98199 was mangled to reflect the
information in that advisory. Given that ZDI yanked it and MS is saying
"addressed in future", I imagine that this accidental disclosure is
accurate, but not patched as previously thought.
CVE is still reflecting the unspecified memory corruption issue.
More information about the VIM
mailing list