> Any body can explain why no credit section for this advisory? Probably because the person who found the bug didn't notify the security team, but posted it on a public list to gain l33t points.