Re: Re: 0day: PDF pwns Windows

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: Re: 0day: PDF pwns Windows
From: rmk115@xxxxxxxxxxxxxxx
Date: 21 Sep 2007 18:59:42 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

I must concur with Gadi. "0day" does not apply. 
How the vulnerability comes to light does matter.

So far, all that has been exposed is "a vulnerability exists." If a PDF which 
exploits the vulnerability had circulated, then "0day" would apply. Active 
exploitation is the defining characteristic of "0day".

Otherwise all vulnerabilities would be "0day" vulnerabilities. The term would 
be meaningless.

Prev by Date: Re: CAL-20070912-1 Multiple vendor produce handling AVI file vulnerabilities
Next by Date: Re: 0day: PDF pwns Windows
Previous by thread: Re: [Full-disclosure] 0day: PDF pwns Windows
Next by thread: Re: Re: 0day: PDF pwns Windows
Index(es):
- Date
- Thread