|
by blackwater 07/26/2019, 5:14pm PDT |
|
|
|
|
|
MITRE is supposed to be an authoritative source of security vulnerability information. The gold standard. But they didn't do their due diligence on this CVE. The entry in the CVE database is just wrong. So this is more like Reuters reporting something wrong, and a reporter signal-boosting it without cross-checking it.
Also, the VLC guy is right. If this were a vulnerability in some Microsoft shit, MITRE would never have issued a CVE without contacting the company and verifying that it was real. Hopefully this will motivate some change at MITRE corp. |
|
|
|
|
|
|
|