BID 759 lists CVE-1999-0872 which is wrong. It belongs to BID 611. #securityfocus
-
-
@attritionorg@SushiDude There were some pretty good updates. I'm always surprised about high quality. Just some minor mistakes.Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
@attritionorg@SushiDude Who is responsible for CVSS scores and who is for CPE assignments? MITRE or NVD? Most mistakes can be found there. -
.
@mruef@attritionorg NVD does CPE and CVSS scores. CVE does descriptions/references. BTW, old CVEs had auto-calculated CVSS scores -
@SushiDude@mruef and NVD outsources the CPE / CVSS generation to a contractor (BA a while back, not sure who now)
End of conversation
New conversation -
-
-
.
@attritionorg@mruef since CVE's main role is communication, having *relevant* details in the desc is more important than complete details -
@SushiDude@attritionorg@mruef Also having links to useful information (e.g. bugzilla entries/patch details) vs. vendors with nothing -
@kurtseifried@SushiDude@attritionorg Interesting. Some old CVE mention DoS in summary but have CVSS CI:C/II:C/AI:CC. Vice versa for BO. -
@mruef@kurtseifried really curious what@SushiDude said about old entries being auto-scored. what formula / criteria?
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.