1

Is any unknown vulnerability of any type considered a 0-day vulnerability?

As an example, if I discovered an XSS vulnerability in a website which is unknown to users and developers, does that mean I have discovered a 0-day vulnerability?

Or does it mean a new type of vulnerability which is found for the first time?

According to the first definition, I deduce that zero-day vulnerabilities are very common and don't represent the intelligence or excellence of their discoverer! And this deduction is against public opinion.

And according to my other definition, I deduce that all known types of vulnerabilities were zero-days in the past! So XSS, SQL, file upload, RCE, etc. were all zero-day vulnerabilities previously?

I am really confused.

==== edit ===

My question is not a duplicate because it's about a specific part of the zero-day definition. The known answer tells me that a 0-day is a vulnerability which is unknown to the software developers,

but that isn't a precise definition, as it leaves some questions unanswered:

For example: what is the essence of a 0-day? Is it a new type of vulnerability which could exist in any software, or is it just one of the common vulnerabilities which is found in a software without informing its developers?

If it's a new attack vector, could someone give me an example of a 0-day vulnerability of the past which is known now and no longer considered a 0-day?

  • The meaning of a specific term is what it conveys to other people. In general cases, refer to Wikipedia. It might not be a source of wisdom, but it serves as a good reference for words. Most people will use it to gain their understanding. – techraf Dec 08 '16 at 00:10
  • Please search Stack Exchange before opening a new question. – awiebe Jun 17 '18 at 21:57

2 Answers

2

There is a pretty good explanation on Wikipedia (bold mine):

A zero-day (also known as zero-hour or 0-day or day zero) vulnerability is an undisclosed computer-software vulnerability that hackers can exploit to adversely affect computer programs, data, additional computers or a network. It is known as a "zero-day" because it is not publicly reported or announced before becoming active, leaving the software's author with zero days in which to create patches or advise workarounds to mitigate its actions.

A real-world example dates back to three-quarters of a century ago.

Cyker
0

Any vulnerability that was exploited before the author was aware or was able to produce a patch is a zero day.

Any vulnerability which is shown to the author before known attack code attacks it is not a zero day, since the author now has N days to produce a patch, either N days from some disclosure agreement, or somebody also knows about the vulnerability and attacks it.

Rich Homolka