>But then there is the important concept of the "private 0day", a new
>vulnerability that a malicious person has but has not used yet.
But the point is there is no such thing as a 0day *vulnerability"; there's
a 0day exploit, an exploit in the wild before the vulnerability id
discovered.
>But then there is the important concept of the "private 0day", a new
>vulnerability that a malicious person has but has not used yet.
But the point is there is no such thing as a 0day *vulnerability"; there's
a 0day exploit, an exploit in the wild before the vulnerability id
discovered.
By claim...
[ more ]