On Tue, Apr 4, 2023 at 1:37 PM Greg Wooledge <[email protected]> wrote:
>
> On Tue, Apr 04, 2023 at 06:29:50PM +0100, [email protected] wrote:
> > But cropping and ignoring the actual point of Stefan's mail rather
> > misses the point and insults him. For example, three CVEs chosen at
> > random from the 'vim' list:
> >
> > CVE-2010-3481 Multiple SQL injection vulnerabilities in
> > login.php in ApPHP PHP MicroCMS 1.0.1, when magic_quotes_gpc is
> > disabled, allow remote attackers to execute arbitrary SQL commands via
> > the (1) user_name and (2) password variables, possibly related to
> > include/classes/Login.php. NOTE: some of these details are obtained
> > from third party information. NOTE: the password vector might not be
> > vulnerable.
> >
> > CVE-2010-2704 Buffer overflow in HP OpenView
> > Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to
> > execute arbitrary code via a long HTTP request to nnmrptconfig.exe.
> >
> > CVE-2010-2703 Stack-based buffer overflow in the execvp_nc
> > function in the ov.dll module in HP OpenView Network Node Manager (OV
> > NNM) 7.51 and 7.53, when running on Windows, allows remote attackers to
> > execute arbitrary code via a long HTTP request to webappmon.exe.
> >
> > FWIW, the word SQL appears 127 times in the 'vim' CVEs, and the word
> > 'vim' doesn't appear in most, so I'm not sure how helpful these numbers
> > actually are.
>
> The word "via" appears in all three of your selections. That makes me
> think that the web site is using some kind of a "close-enough match"
> heuristic, and is (unhelpfully) matching "via" as close enough to "vim".

Oh, that would not be good. The Vim folks had a bad week this week:
https://ubuntu.com/security/notices/USN-5995-1 . There were 30 CVEs fixed
this week.

Jeff
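The "close-enough match" effect Greg suspects is easy to reproduce. The Python below is an added illustration, not something from this thread or from the CVE site being discussed: it indexes the three CVE summaries quoted above plus one constructed record (placeholder ID `CVE-XXXX-EXAMPLE`, not a real CVE) that genuinely concerns Vim, then compares an exact whole-word search for "vim" with a fuzzy search that accepts any token within Levenshtein distance 1. The function names (`exact_search`, `fuzzy_search`, `fuzzy_hit_tokens`) and the distance-1 heuristic are assumptions chosen for the demonstration; nobody knows what the real site does.

```python
"""Exact vs. fuzzy product-name matching over CVE summaries.

Added example: shows how a distance-1 "close-enough" token match turns every
summary containing the word "via" into a hit for the query "vim".
"""
import re

# Sample records. The first three are the summaries quoted in the thread; the
# last is a constructed record with a placeholder ID, not a real CVE.
RECORDS = {
    "CVE-2010-3481": (
        "Multiple SQL injection vulnerabilities in login.php in ApPHP PHP "
        "MicroCMS 1.0.1, when magic_quotes_gpc is disabled, allow remote "
        "attackers to execute arbitrary SQL commands via the (1) user_name and "
        "(2) password variables, possibly related to include/classes/Login.php."
    ),
    "CVE-2010-2704": (
        "Buffer overflow in HP OpenView Network Node Manager (OV NNM) 7.51 and "
        "7.53 allows remote attackers to execute arbitrary code via a long HTTP "
        "request to nnmrptconfig.exe."
    ),
    "CVE-2010-2703": (
        "Stack-based buffer overflow in the execvp_nc function in the ov.dll "
        "module in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53, "
        "when running on Windows, allows remote attackers to execute arbitrary "
        "code via a long HTTP request to webappmon.exe."
    ),
    # Constructed placeholder record (not a real CVE identifier or summary).
    "CVE-XXXX-EXAMPLE": (
        "Heap-based buffer overflow in Vim allows attackers to cause a denial "
        "of service via a crafted file."
    ),
}

TOKEN_RE = re.compile(r"[a-z0-9_]+")


def tokenize(text):
    """Lower-case word tokens; punctuation such as '.' and '/' splits words."""
    return TOKEN_RE.findall(text.lower())


def levenshtein(a, b):
    """Edit distance (insert/delete/substitute) via the classic row-by-row DP."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,            # delete ca
                           cur[j - 1] + 1,         # insert cb
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]


def exact_search(records, term):
    """IDs whose summary contains `term` as a whole word."""
    term = term.lower()
    return sorted(cid for cid, text in records.items() if term in tokenize(text))


def fuzzy_search(records, term, max_dist=1):
    """IDs whose summary has any token within `max_dist` edits of `term`."""
    term = term.lower()
    return sorted(
        cid for cid, text in records.items()
        if any(levenshtein(term, tok) <= max_dist for tok in tokenize(text))
    )


def fuzzy_hit_tokens(records, term, max_dist=1):
    """For each fuzzy hit, the distinct tokens that caused it (explains false positives)."""
    term = term.lower()
    hits = {}
    for cid, text in records.items():
        toks = sorted({t for t in tokenize(text) if levenshtein(term, t) <= max_dist})
        if toks:
            hits[cid] = toks
    return hits


if __name__ == "__main__":
    print("exact :", exact_search(RECORDS, "vim"))
    print("fuzzy :", fuzzy_search(RECORDS, "vim"))
    for cid, toks in fuzzy_hit_tokens(RECORDS, "vim").items():
        print(f"  {cid}: matched on {toks}")
```

Exact matching returns only the constructed Vim record; the fuzzy variant returns all four, and `fuzzy_hit_tokens` shows that the three HP/ApPHP entries are pulled in solely by the token "via", which is one substitution away from "vim". When triaging a vendor's CVE list, a whole-word or CPE-based filter avoids this class of false positive.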

