[VIM] BID Duplicate for CVE-2012-0874

Arun Babu Neelicattu abn at redhat.com
Sun Oct 27 19:28:12 CDT 2013


That is correct, both BIDs describe CVE-2012-0874. The exploit included
in BID 62854 is just a repackaging of the exploit and methods detailed
in [1], which is covered by BID 57552.

Hope that helps.

[1]
https://www.redteam-pentesting.de/publications/2009-11-30-Whitepaper_Whos-the-JBoss-now_RedTeam-Pentesting_EN.pdf
[2] https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0874

-- 
Arun Neelicattu / Red Hat Security Response Team 
PGP: 0xC244393B 5229 F596 474F 00A1 E416  CF8B 36F5 5054 C244 393B


On Fri, 2013-10-25 at 22:47 -0600, Kurt Seifried wrote:
> http://www.securityfocus.com/bid/62854 is actually CVE-2012-0874
> (covered by http://www.securityfocus.com/bid/57552)
> 
> Apparently it's just a new avenue of attack (not sure how BID splits
> so this may be OK for BID but it shouldn't get another CVE). Arun can
> confirm/etc.
> 
> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
URL: <http://www.attrition.org/pipermail/vim/attachments/20131028/7ec30715/attachment.asc>


More information about the VIM mailing list