This is a very hard question to answer as it depends on a lot of variables, like:
- the application in question and
- the nature of the vulnerability.
If the vulnerability is independent of the operating system, for example an application that doesn't have appropriate access controls, then both the Linux and Windows variants may be vulnerable. If the vulnerability relies on a particular operating system, such as expecting a Windows-based kernel, then it is unlikely that the same vulnerability will impact Linux. As mentioned, though, this varies from case to case.
I would always err on the side of caution and carefully investigate any discovered vulnerability to determine all the possible combinations of operating systems, versions, and circumstances in which you might be vulnerable. Many of the security companies do this for you, and I would recommend starting there if the vulnerability is known and documented.
This was first published in February 2007