Excerpts from Jeroen Budts's message of Tue Oct 09 11:05:27 +0200 2012:
> This looks like another new suspicious script:
> http://www.vim.org/scripts/script.php?script_id=4259
Thanks for reporting. Vim treats files as binary content.
AFAIK there is no page displaying contents of the binary files.
The only thing I really fear would be people starting to write malicious
.vim code and embed that into a useful script.
Anyway that content doesn't make sense - because you can check whether
there is a chance finding out whether you can make browsers run such
code much faster: Get existing content, use google to see whether it
finds it. If it finds content you have a chance to inject JS.
Thus why did this guy/girl go through the trouble registering?
Marc Weber
--
You received this message from the "vim_use" maillist.
Do not top-post! Type your reply below the text you are replying to.
For more information, visit http://www.vim.org/maillist.php
Tuesday, October 9, 2012
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment