Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


Alternatively, it could be that someone analyzing a piece of malware realized that it exploited a previously undisclosed vulnerability. In both cases, the party communicating the vulnerability information to the vendor is not the original finder. That said, whether or not the reporter is the original finder is often not as relevant as whether the newly provided information is sufficient to determine the existence and impact of the problem reported.


< 3.1. Finder | 3.3. Vendor >