G+_Eddie Foy Posted March 18, 2016 Share Posted March 18, 2016 Saw this as a tweet and made me chuckle (then cry); We are running out of CVE-IDs faster than we are running out of IPv4 addresses. Link to comment Share on other sites More sharing options...
G+_Steve Martin Posted March 18, 2016 Share Posted March 18, 2016 Heh, they probably should have given MS Windows it's own 64 bit CVE-ID address space ;) OTOH, they actually did realize this a couple of years ago and addressed it: https://cve.mitre.org/cve/identifiers/syntaxchange.html Link to comment Share on other sites More sharing options...
G+_Eddie Foy Posted March 18, 2016 Author Share Posted March 18, 2016 A lot of MFG's/Vendors have their own 'space" (MS one of them) But why give a bigger space to those that repeatable FAIL??? Publicly shame them!!! Sorry company X you have reached your limit of exploits; now your are publicly shamed. Sorry, this is NOT good form nor acceptable procedure. When a kernel font rendering exploit hits in 2016, you F'ing lose! FULL disclosure, no 90 day warning. This was fixed in 1999. Link to comment Share on other sites More sharing options...
Recommended Posts