Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2017-17689 (GCVE-0-2017-17689)
Vulnerability from cvelistv5
Published
2018-05-16 19:00
Modified
2024-08-05 20:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:59:17.441Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=17066419"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://pastebin.com/gNCc8aYm"
},
{
"name": "104165",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104165"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://twitter.com/matthew_d_green/status/996371541591019520"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://efail.de"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/support/security/Synology_SA_18_22"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-05-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-17T09:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://news.ycombinator.com/item?id=17066419"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://pastebin.com/gNCc8aYm"
},
{
"name": "104165",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104165"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://twitter.com/matthew_d_green/status/996371541591019520"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://efail.de"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/support/security/Synology_SA_18_22"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-17689",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://news.ycombinator.com/item?id=17066419",
"refsource": "MISC",
"url": "https://news.ycombinator.com/item?id=17066419"
},
{
"name": "https://pastebin.com/gNCc8aYm",
"refsource": "MISC",
"url": "https://pastebin.com/gNCc8aYm"
},
{
"name": "104165",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104165"
},
{
"name": "https://twitter.com/matthew_d_green/status/996371541591019520",
"refsource": "MISC",
"url": "https://twitter.com/matthew_d_green/status/996371541591019520"
},
{
"name": "https://efail.de",
"refsource": "MISC",
"url": "https://efail.de"
},
{
"name": "https://www.synology.com/support/security/Synology_SA_18_22",
"refsource": "CONFIRM",
"url": "https://www.synology.com/support/security/Synology_SA_18_22"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-17689",
"datePublished": "2018-05-16T19:00:00",
"dateReserved": "2017-12-15T00:00:00",
"dateUpdated": "2024-08-05T20:59:17.441Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2017-17689\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2018-05-16T19:29:00.303\",\"lastModified\":\"2024-11-21T03:18:27.893\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL.\"},{\"lang\":\"es\",\"value\":\"La especificaci\u00f3n S/MIME permite un ataque malleability-gadget Cipher Block Chaining (CBC) que puede conducir indirectamente a la exfiltraci\u00f3n en texto plano. Esto tambi\u00e9n se conoce como EFAIL.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":5.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.2,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:N/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:9folders:nine:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8EE489EA-2250-4BF0-800C-EDA6EA7D6AAE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:mail:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"217117AE-C16C-4265-A9A9-152D06FCD64E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:mail:-:*:*:*:*:iphone_os:*:*\",\"matchCriteriaId\":\"081D62F6-B751-4109-B10B-3CF9535B3C12\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bloop:airmail:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F389CED1-846A-4807-B8E7-00FBECAA41A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:emclient:emclient:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"930AFDDA-C32A-45E7-BA6E-5827E59B573B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flipdogsolutions:maildroid:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED2616EA-332D-4D6E-B66C-137A166E181D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freron:mailmate:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C26D918-1548-4A62-BC5C-72DF9168A34E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnome:evolution:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"38B06B0D-E60A-4B61-9E39-F5116C8F22A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:gmail:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C671802A-2362-4E66-B5D5-079E5E6B89A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:horde:horde_imp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FDAD39AA-B9FD-492B-9BDA-57F74F4FABE5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:notes:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"91669C83-56A0-4087-8B6D-2012EB0AE9D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kde:kmail:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F01C924-2AE4-4214-9139-ED08293D198C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kde:trojita:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93076D12-C4AD-4DE8-A76C-9819493FF516\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:outlook:2007:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D789259A-034E-40BB-9DFF-76B3104B212F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:outlook:2010:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A009EAF-41A1-4E6D-B1EB-A2DACE197A43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:outlook:2013:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3CD3770E-9513-43B2-BC9E-0CA3F63D59FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:outlook:2016:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2B1657C-0FF4-461A-BE2A-641275C4B0A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF583CDC-DE9E-45AB-9861-CB203BFA8862\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postbox-inc:postbox:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0BA111F-A9FB-457D-818E-412195F9EA0A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:r2mail2:r2mail2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19296516-EAD4-4B08-8D9A-5E853C7BEF58\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ritlabs:the_bat:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48A3CC49-2FAC-40C9-9CDA-E4440577205E\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/104165\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://efail.de\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Mitigation\",\"Third Party Advisory\"]},{\"url\":\"https://news.ycombinator.com/item?id=17066419\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://pastebin.com/gNCc8aYm\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://twitter.com/matthew_d_green/status/996371541591019520\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.synology.com/support/security/Synology_SA_18_22\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/104165\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://efail.de\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mitigation\",\"Third Party Advisory\"]},{\"url\":\"https://news.ycombinator.com/item?id=17066419\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://pastebin.com/gNCc8aYm\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://twitter.com/matthew_d_green/status/996371541591019520\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.synology.com/support/security/Synology_SA_18_22\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
ghsa-xv45-9768-g2mm
Vulnerability from github
Published
2022-05-13 01:44
Modified
2022-05-13 01:44
Severity ?
VLAI Severity ?
Details
The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL.
{
"affected": [],
"aliases": [
"CVE-2017-17689"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-05-16T19:29:00Z",
"severity": "MODERATE"
},
"details": "The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL.",
"id": "GHSA-xv45-9768-g2mm",
"modified": "2022-05-13T01:44:27Z",
"published": "2022-05-13T01:44:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-17689"
},
{
"type": "WEB",
"url": "https://efail.de"
},
{
"type": "WEB",
"url": "https://news.ycombinator.com/item?id=17066419"
},
{
"type": "WEB",
"url": "https://pastebin.com/gNCc8aYm"
},
{
"type": "WEB",
"url": "https://twitter.com/matthew_d_green/status/996371541591019520"
},
{
"type": "WEB",
"url": "https://www.synology.com/support/security/Synology_SA_18_22"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/104165"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
CERTFR-2018-ALE-007
Vulnerability from certfr_alerte
Le 14 mai 2018, un site internet rendait disponible les détails d'une attaque baptisée EFAIL permettant de compromettre les échanges de courriels sécurisés par les mécanismes S/MIME et OpenPGP.
L'attaque permet à un acteur malveillant d'obtenir la version déchiffrée d'un message protégé par l'un des systèmes de chiffrement S/MIME ou OpenPGP. Pour cela l'attaquant doit être en position d'homme du milieu c'est à dire être capable de lire les échanges courriels entre un expéditeur et un destinataire.
Fuite de données et contenu actif
Une variante de l'attaque EFAIL tire parti des fonctionnalités des
clients de messageries qui permettent d'enrichir le contenu textuel d'un
courriel en intégrant du HTML ou encore du CSS. Ces éléments
additionnels sont désignés comme contenu actif.
Un attaquant en mesure d'intercepter un courriel chiffré pourra ainsi y
concaténer certains éléments de ces langages, sans modifier la partie
chiffrée. Lors du déchiffrement du message par le client de messagerie
le contenu actif sera exécuté et le message clair exfiltré. Cette
variante fonctionne sur une minorité des clients de messagerie
vulnérables à EFAIL.
Attaque cryptographique
L'autre variante de l'attaque EFAIL exploite les propriétés de malléabilité des chiffrements utilisés par S/MIME et OpenPGP afin de directement modifier le chiffré d'un message sans avoir besoin de disposer des clés cryptographiques. Ces manipulations auront pour objectif d'y ajouter directement le contenu actif malveillant qui, une fois déchiffré, permettra de transmettre les données vers l'extérieur. Cette variante est plus complexe à exploiter mais concerne la majorité des clients de messagerie vulnérables à EFAIL.
Limitations
Bien que l'attaque EFAIL mette à mal le paradigme d'une communication sécurisée de bout-en-bout, les cas d'exploitation ne sont pas triviaux.
L'attaquant doit accéder aux mails chiffrés soit lors d'une interception d'un trafic réseau local, soit via Internet en disposant d'accès à un serveur de relais de messagerie. En fonction du scénario l'attaquant pourra dans certains cas bloquer temporairement le mail et le modifier, ou le copier lors de son transit et rejouer la copie vers la victime une fois altéré.
Il est à noter que la surface d'attaque est corrélée avec le nombre de destinataires d'une communication chiffrée. En effet, chaque destinataire d'un même courriel peut être la cible d'une attaque suivant le principe d'EFAIL.
Contournement provisoire
Le CERT-FR recommande d'appliquer les correctifs fournis par les éditeurs de client de messagerie.
Suivant le délai de mise à disposition de correctifs par les éditeurs, le CERT-FR recommande également l'application des mesures temporaires suivantes.
- Désactiver l'utilisation du contenu actif dans le client de messagerie (HTML, CSS).
- Utiliser une application indépendante du client de messagerie pour pratiquer les opérations de chiffrement et de déchiffrement des courriels. Ces actions peuvent par ailleurs être réalisées dans un environnement distinct et déconnecté du réseau.
De multiples clients de messagerie ont été identifiés comme étant vulnérables.
Une liste établie par les chercheurs à l'origine de la découverte de cette vulnérabilité est disponibles dans l'article tel que référencé dans la section documentation.
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cp\u003eDe multiples clients de messagerie ont \u00e9t\u00e9 identifi\u00e9s comme \u00e9tant vuln\u00e9rables.\u003c/p\u003e \u003cp\u003eUne liste \u00e9tablie par les chercheurs \u00e0 l\u0027origine de la d\u00e9couverte de cette vuln\u00e9rabilit\u00e9 est disponibles dans l\u0027article tel que r\u00e9f\u00e9renc\u00e9 dans la section documentation.\u003c/p\u003e ",
"closed_at": "2018-10-10",
"content": "## Contournement provisoire\n\nLe CERT-FR recommande d\u0027appliquer les correctifs fournis par les\n\u00e9diteurs de client de messagerie.\n\nSuivant le d\u00e9lai de mise \u00e0 disposition de correctifs par les \u00e9diteurs,\nle CERT-FR recommande \u00e9galement l\u0027application des mesures temporaires\nsuivantes.\n\n- D\u00e9sactiver l\u0027utilisation du contenu actif dans le client de\n messagerie (HTML, CSS).\n- Utiliser une application ind\u00e9pendante du client de messagerie pour\n pratiquer les op\u00e9rations de chiffrement et de d\u00e9chiffrement des\n courriels. Ces actions peuvent par ailleurs \u00eatre r\u00e9alis\u00e9es dans un\n environnement distinct et d\u00e9connect\u00e9 du r\u00e9seau.\n",
"cves": [
{
"name": "CVE-2017-17688",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17688"
},
{
"name": "CVE-2017-17689",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17689"
}
],
"initial_release_date": "2018-05-14T00:00:00",
"last_revision_date": "2018-10-10T00:00:00",
"links": [
{
"title": "D\u00e9sactivation du contenu actif dans Outlook",
"url": "https://support.microsoft.com/en-us/help/831607/how-to-view-all-e-mail-messages-in-plain-text-format"
},
{
"title": "Article de recherche pr\u00e9sentant les travaux sur la vuln\u00e9rabilit\u00e9 EFAIL",
"url": "https://efail.de/efail-attack-paper.pdf"
},
{
"title": "Site d\u00e9taillant le principe de la vuln\u00e9rabilit\u00e9 du 14 mai 2018",
"url": "https://efail.de/"
},
{
"title": "D\u00e9sactivation du contenu actif dans Thunderbird",
"url": "http://kb.mozillazine.org/Plain_text_e-mail_(Thunderbird)#Displaying_messages"
}
],
"reference": "CERTFR-2018-ALE-007",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2018-05-14T00:00:00.000000"
},
{
"description": "Version initiale",
"revision_date": "2018-05-14T00:00:00.000000"
},
{
"description": "Version initiale",
"revision_date": "2018-05-14T00:00:00.000000"
},
{
"description": "Version initiale",
"revision_date": "2018-05-14T00:00:00.000000"
},
{
"description": "Ajout de d\u00e9tails sur la vuln\u00e9rabilit\u00e9",
"revision_date": "2018-05-15T00:00:00.000000"
},
{
"description": "Cl\u00f4ture de l\u0027alerte.",
"revision_date": "2018-10-10T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "Le 14 mai 2018, un site internet rendait disponible les d\u00e9tails d\u0027une\nattaque baptis\u00e9e EFAIL permettant de compromettre les \u00e9changes de\ncourriels s\u00e9curis\u00e9s par les m\u00e9canismes S/MIME et OpenPGP.\n\nL\u0027attaque permet \u00e0 un acteur malveillant d\u0027obtenir la version d\u00e9chiffr\u00e9e\nd\u0027un message prot\u00e9g\u00e9 par l\u0027un des syst\u00e8mes de chiffrement S/MIME ou\nOpenPGP. Pour cela l\u0027attaquant doit \u00eatre en position *d\u0027homme du milieu*\nc\u0027est \u00e0 dire \u00eatre capable de lire les \u00e9changes courriels entre un\nexp\u00e9diteur et un destinataire.\n\n#### Fuite de donn\u00e9es et contenu actif\n\nUne variante de l\u0027attaque EFAIL tire parti des fonctionnalit\u00e9s des\nclients de messageries qui permettent d\u0027enrichir le contenu textuel d\u0027un\ncourriel en int\u00e9grant du HTML ou encore du CSS. Ces \u00e9l\u00e9ments\nadditionnels sont d\u00e9sign\u00e9s comme contenu actif. \nUn attaquant en mesure d\u0027intercepter un courriel chiffr\u00e9 pourra ainsi y\nconcat\u00e9ner certains \u00e9l\u00e9ments de ces langages, sans modifier la partie\nchiffr\u00e9e. Lors du d\u00e9chiffrement du message par le client de messagerie\nle contenu actif sera ex\u00e9cut\u00e9 et le message clair exfiltr\u00e9. Cette\nvariante fonctionne sur une minorit\u00e9 des clients de messagerie\nvuln\u00e9rables \u00e0 EFAIL.\n\n#### Attaque cryptographique\n\nL\u0027autre variante de l\u0027attaque EFAIL exploite les propri\u00e9t\u00e9s de\nmall\u00e9abilit\u00e9 des chiffrements utilis\u00e9s par S/MIME et OpenPGP afin de\ndirectement modifier le chiffr\u00e9 d\u0027un message sans avoir besoin de\ndisposer des cl\u00e9s cryptographiques. Ces manipulations auront pour\nobjectif d\u0027y ajouter directement le contenu actif malveillant qui, une\nfois d\u00e9chiffr\u00e9, permettra de transmettre les donn\u00e9es vers l\u0027ext\u00e9rieur.\nCette variante est plus complexe \u00e0 exploiter mais concerne la majorit\u00e9\ndes clients de messagerie vuln\u00e9rables \u00e0 EFAIL.\n\n#### Limitations\n\nBien que l\u0027attaque EFAIL mette \u00e0 mal le paradigme d\u0027une communication\ns\u00e9curis\u00e9e de bout-en-bout, les cas d\u0027exploitation ne sont pas triviaux.\n\nL\u0027attaquant doit acc\u00e9der aux mails chiffr\u00e9s soit lors d\u0027une interception\nd\u0027un trafic r\u00e9seau local, soit via Internet en disposant d\u0027acc\u00e8s \u00e0 un\nserveur de relais de messagerie. En fonction du sc\u00e9nario l\u0027attaquant\npourra dans certains cas bloquer temporairement le mail et le modifier,\nou le copier lors de son transit et rejouer la copie vers la victime une\nfois alt\u00e9r\u00e9.\n\nIl est \u00e0 noter que la surface d\u0027attaque est corr\u00e9l\u00e9e avec le nombre de\ndestinataires d\u0027une communication chiffr\u00e9e. En effet, chaque\ndestinataire d\u0027un m\u00eame courriel peut \u00eatre la cible d\u0027une attaque suivant\nle principe d\u0027EFAIL.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans S/MIME et OpenPGP",
"vendor_advisories": [
{
"published_at": null,
"title": "Site d\u00e9taillant le principe de la vuln\u00e9rabilit\u00e9 EFAIL",
"url": null
}
]
}
opensuse-su-2018:1329-1
Vulnerability from csaf_opensuse
Published
2018-05-17 11:35
Modified
2018-05-17 11:35
Summary
Security update for enigmail
Notes
Title of the patch
Security update for enigmail
Description of the patch
This update for enigmail to version 2.0.4 fixes multiple issues.
Security issues fixed:
- CVE-2017-17688: CFB gadget attacks allowed to exfiltrate plaintext out of encrypted emails.
enigmail now fails on GnuPG integrity check warnings for old Algorithms (bsc#1093151)
- CVE-2017-17689: CBC gadget attacks allows to exfiltrate plaintext out of encrypted emails (bsc#1093152)
This update also includes new and updated functionality:
- The Encryption and Signing buttons now work for both OpenPGP and S/MIME.
Enigmail will chose between S/MIME or OpenPGP depending on whether the keys
for all recipients are available for the respective standard
- Support for the Autocrypt standard, which is now enabled by default
- Support for Pretty Easy Privacy (p≡p)
- Support for Web Key Directory (WKD)
- The message subject can now be encrypted and replaced with a dummy subject,
following the Memory Hole standard forprotected Email Headers
- keys on keyring are automatically refreshed from keyservers at irregular intervals
- Subsequent updates of Enigmail no longer require a restart of Thunderbird
- Keys are internally addressed using the fingerprint instead of the key ID
Patchnames
openSUSE-2018-470
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for enigmail",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for enigmail to version 2.0.4 fixes multiple issues.\n\nSecurity issues fixed:\n\n- CVE-2017-17688: CFB gadget attacks allowed to exfiltrate plaintext out of encrypted emails.\n enigmail now fails on GnuPG integrity check warnings for old Algorithms (bsc#1093151)\n- CVE-2017-17689: CBC gadget attacks allows to exfiltrate plaintext out of encrypted emails (bsc#1093152)\n\nThis update also includes new and updated functionality:\n\n- The Encryption and Signing buttons now work for both OpenPGP and S/MIME.\n Enigmail will chose between S/MIME or OpenPGP depending on whether the keys\n for all recipients are available for the respective standard\n- Support for the Autocrypt standard, which is now enabled by default\n- Support for Pretty Easy Privacy (p\u2261p)\n- Support for Web Key Directory (WKD)\n- The message subject can now be encrypted and replaced with a dummy subject,\n following the Memory Hole standard forprotected Email Headers\n- keys on keyring are automatically refreshed from keyservers at irregular intervals\n- Subsequent updates of Enigmail no longer require a restart of Thunderbird \n- Keys are internally addressed using the fingerprint instead of the key ID",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2018-470",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2018_1329-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2018:1329-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/RNZBPQATLVKCT7P5YVUXDDVDFKRPUWP6/#RNZBPQATLVKCT7P5YVUXDDVDFKRPUWP6"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2018:1329-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/RNZBPQATLVKCT7P5YVUXDDVDFKRPUWP6/#RNZBPQATLVKCT7P5YVUXDDVDFKRPUWP6"
},
{
"category": "self",
"summary": "SUSE Bug 1093151",
"url": "https://bugzilla.suse.com/1093151"
},
{
"category": "self",
"summary": "SUSE Bug 1093152",
"url": "https://bugzilla.suse.com/1093152"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-17688 page",
"url": "https://www.suse.com/security/cve/CVE-2017-17688/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-17689 page",
"url": "https://www.suse.com/security/cve/CVE-2017-17689/"
}
],
"title": "Security update for enigmail",
"tracking": {
"current_release_date": "2018-05-17T11:35:48Z",
"generator": {
"date": "2018-05-17T11:35:48Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2018:1329-1",
"initial_release_date": "2018-05-17T11:35:48Z",
"revision_history": [
{
"date": "2018-05-17T11:35:48Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "enigmail-2.0.4-9.1.aarch64",
"product": {
"name": "enigmail-2.0.4-9.1.aarch64",
"product_id": "enigmail-2.0.4-9.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "enigmail-2.0.4-9.1.ppc64le",
"product": {
"name": "enigmail-2.0.4-9.1.ppc64le",
"product_id": "enigmail-2.0.4-9.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "enigmail-2.0.4-9.1.s390x",
"product": {
"name": "enigmail-2.0.4-9.1.s390x",
"product_id": "enigmail-2.0.4-9.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "enigmail-2.0.4-9.1.x86_64",
"product": {
"name": "enigmail-2.0.4-9.1.x86_64",
"product_id": "enigmail-2.0.4-9.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Package Hub 12",
"product": {
"name": "SUSE Package Hub 12",
"product_id": "SUSE Package Hub 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:packagehub:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "enigmail-2.0.4-9.1.aarch64 as component of SUSE Package Hub 12",
"product_id": "SUSE Package Hub 12:enigmail-2.0.4-9.1.aarch64"
},
"product_reference": "enigmail-2.0.4-9.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "enigmail-2.0.4-9.1.ppc64le as component of SUSE Package Hub 12",
"product_id": "SUSE Package Hub 12:enigmail-2.0.4-9.1.ppc64le"
},
"product_reference": "enigmail-2.0.4-9.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "enigmail-2.0.4-9.1.s390x as component of SUSE Package Hub 12",
"product_id": "SUSE Package Hub 12:enigmail-2.0.4-9.1.s390x"
},
"product_reference": "enigmail-2.0.4-9.1.s390x",
"relates_to_product_reference": "SUSE Package Hub 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "enigmail-2.0.4-9.1.x86_64 as component of SUSE Package Hub 12",
"product_id": "SUSE Package Hub 12:enigmail-2.0.4-9.1.x86_64"
},
"product_reference": "enigmail-2.0.4-9.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-17688",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-17688"
}
],
"notes": [
{
"category": "general",
"text": "The OpenPGP specification allows a Cipher Feedback Mode (CFB) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL. NOTE: third parties report that this is a problem in applications that mishandle the Modification Detection Code (MDC) feature or accept an obsolete packet type, not a problem in the OpenPGP specification",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12:enigmail-2.0.4-9.1.aarch64",
"SUSE Package Hub 12:enigmail-2.0.4-9.1.ppc64le",
"SUSE Package Hub 12:enigmail-2.0.4-9.1.s390x",
"SUSE Package Hub 12:enigmail-2.0.4-9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-17688",
"url": "https://www.suse.com/security/cve/CVE-2017-17688"
},
{
"category": "external",
"summary": "SUSE Bug 1093151 for CVE-2017-17688",
"url": "https://bugzilla.suse.com/1093151"
},
{
"category": "external",
"summary": "SUSE Bug 1093727 for CVE-2017-17688",
"url": "https://bugzilla.suse.com/1093727"
},
{
"category": "external",
"summary": "SUSE Bug 1093971 for CVE-2017-17688",
"url": "https://bugzilla.suse.com/1093971"
},
{
"category": "external",
"summary": "SUSE Bug 1093973 for CVE-2017-17688",
"url": "https://bugzilla.suse.com/1093973"
},
{
"category": "external",
"summary": "SUSE Bug 1115719 for CVE-2017-17688",
"url": "https://bugzilla.suse.com/1115719"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12:enigmail-2.0.4-9.1.aarch64",
"SUSE Package Hub 12:enigmail-2.0.4-9.1.ppc64le",
"SUSE Package Hub 12:enigmail-2.0.4-9.1.s390x",
"SUSE Package Hub 12:enigmail-2.0.4-9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Package Hub 12:enigmail-2.0.4-9.1.aarch64",
"SUSE Package Hub 12:enigmail-2.0.4-9.1.ppc64le",
"SUSE Package Hub 12:enigmail-2.0.4-9.1.s390x",
"SUSE Package Hub 12:enigmail-2.0.4-9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-17T11:35:48Z",
"details": "moderate"
}
],
"title": "CVE-2017-17688"
},
{
"cve": "CVE-2017-17689",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-17689"
}
],
"notes": [
{
"category": "general",
"text": "The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12:enigmail-2.0.4-9.1.aarch64",
"SUSE Package Hub 12:enigmail-2.0.4-9.1.ppc64le",
"SUSE Package Hub 12:enigmail-2.0.4-9.1.s390x",
"SUSE Package Hub 12:enigmail-2.0.4-9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-17689",
"url": "https://www.suse.com/security/cve/CVE-2017-17689"
},
{
"category": "external",
"summary": "SUSE Bug 1093152 for CVE-2017-17689",
"url": "https://bugzilla.suse.com/1093152"
},
{
"category": "external",
"summary": "SUSE Bug 1093727 for CVE-2017-17689",
"url": "https://bugzilla.suse.com/1093727"
},
{
"category": "external",
"summary": "SUSE Bug 1093969 for CVE-2017-17689",
"url": "https://bugzilla.suse.com/1093969"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12:enigmail-2.0.4-9.1.aarch64",
"SUSE Package Hub 12:enigmail-2.0.4-9.1.ppc64le",
"SUSE Package Hub 12:enigmail-2.0.4-9.1.s390x",
"SUSE Package Hub 12:enigmail-2.0.4-9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Package Hub 12:enigmail-2.0.4-9.1.aarch64",
"SUSE Package Hub 12:enigmail-2.0.4-9.1.ppc64le",
"SUSE Package Hub 12:enigmail-2.0.4-9.1.s390x",
"SUSE Package Hub 12:enigmail-2.0.4-9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-17T11:35:48Z",
"details": "moderate"
}
],
"title": "CVE-2017-17689"
}
]
}
opensuse-su-2024:10736-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
enigmail-2.2.4-1.4 on GA media
Notes
Title of the patch
enigmail-2.2.4-1.4 on GA media
Description of the patch
These are all security issues fixed in the enigmail-2.2.4-1.4 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-10736
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "enigmail-2.2.4-1.4 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the enigmail-2.2.4-1.4 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-10736",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10736-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-17688 page",
"url": "https://www.suse.com/security/cve/CVE-2017-17688/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-17689 page",
"url": "https://www.suse.com/security/cve/CVE-2017-17689/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-12019 page",
"url": "https://www.suse.com/security/cve/CVE-2018-12019/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-12020 page",
"url": "https://www.suse.com/security/cve/CVE-2018-12020/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-12269 page",
"url": "https://www.suse.com/security/cve/CVE-2019-12269/"
}
],
"title": "enigmail-2.2.4-1.4 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:10736-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "enigmail-2.2.4-1.4.aarch64",
"product": {
"name": "enigmail-2.2.4-1.4.aarch64",
"product_id": "enigmail-2.2.4-1.4.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "enigmail-2.2.4-1.4.ppc64le",
"product": {
"name": "enigmail-2.2.4-1.4.ppc64le",
"product_id": "enigmail-2.2.4-1.4.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "enigmail-2.2.4-1.4.s390x",
"product": {
"name": "enigmail-2.2.4-1.4.s390x",
"product_id": "enigmail-2.2.4-1.4.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "enigmail-2.2.4-1.4.x86_64",
"product": {
"name": "enigmail-2.2.4-1.4.x86_64",
"product_id": "enigmail-2.2.4-1.4.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "enigmail-2.2.4-1.4.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:enigmail-2.2.4-1.4.aarch64"
},
"product_reference": "enigmail-2.2.4-1.4.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "enigmail-2.2.4-1.4.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:enigmail-2.2.4-1.4.ppc64le"
},
"product_reference": "enigmail-2.2.4-1.4.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "enigmail-2.2.4-1.4.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:enigmail-2.2.4-1.4.s390x"
},
"product_reference": "enigmail-2.2.4-1.4.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "enigmail-2.2.4-1.4.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:enigmail-2.2.4-1.4.x86_64"
},
"product_reference": "enigmail-2.2.4-1.4.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-17688",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-17688"
}
],
"notes": [
{
"category": "general",
"text": "The OpenPGP specification allows a Cipher Feedback Mode (CFB) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL. NOTE: third parties report that this is a problem in applications that mishandle the Modification Detection Code (MDC) feature or accept an obsolete packet type, not a problem in the OpenPGP specification",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.aarch64",
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.ppc64le",
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.s390x",
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-17688",
"url": "https://www.suse.com/security/cve/CVE-2017-17688"
},
{
"category": "external",
"summary": "SUSE Bug 1093151 for CVE-2017-17688",
"url": "https://bugzilla.suse.com/1093151"
},
{
"category": "external",
"summary": "SUSE Bug 1093727 for CVE-2017-17688",
"url": "https://bugzilla.suse.com/1093727"
},
{
"category": "external",
"summary": "SUSE Bug 1093971 for CVE-2017-17688",
"url": "https://bugzilla.suse.com/1093971"
},
{
"category": "external",
"summary": "SUSE Bug 1093973 for CVE-2017-17688",
"url": "https://bugzilla.suse.com/1093973"
},
{
"category": "external",
"summary": "SUSE Bug 1115719 for CVE-2017-17688",
"url": "https://bugzilla.suse.com/1115719"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.aarch64",
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.ppc64le",
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.s390x",
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.aarch64",
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.ppc64le",
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.s390x",
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2017-17688"
},
{
"cve": "CVE-2017-17689",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-17689"
}
],
"notes": [
{
"category": "general",
"text": "The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.aarch64",
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.ppc64le",
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.s390x",
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-17689",
"url": "https://www.suse.com/security/cve/CVE-2017-17689"
},
{
"category": "external",
"summary": "SUSE Bug 1093152 for CVE-2017-17689",
"url": "https://bugzilla.suse.com/1093152"
},
{
"category": "external",
"summary": "SUSE Bug 1093727 for CVE-2017-17689",
"url": "https://bugzilla.suse.com/1093727"
},
{
"category": "external",
"summary": "SUSE Bug 1093969 for CVE-2017-17689",
"url": "https://bugzilla.suse.com/1093969"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.aarch64",
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.ppc64le",
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.s390x",
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.aarch64",
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.ppc64le",
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.s390x",
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2017-17689"
},
{
"cve": "CVE-2018-12019",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-12019"
}
],
"notes": [
{
"category": "general",
"text": "The signature verification routine in Enigmail before 2.0.7 interprets user ids as status/control messages and does not correctly keep track of the status of multiple signatures, which allows remote attackers to spoof arbitrary email signatures via public keys containing crafted primary user ids.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.aarch64",
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.ppc64le",
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.s390x",
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-12019",
"url": "https://www.suse.com/security/cve/CVE-2018-12019"
},
{
"category": "external",
"summary": "SUSE Bug 1097525 for CVE-2018-12019",
"url": "https://bugzilla.suse.com/1097525"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.aarch64",
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.ppc64le",
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.s390x",
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.aarch64",
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.ppc64le",
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.s390x",
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-12019"
},
{
"cve": "CVE-2018-12020",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-12020"
}
],
"notes": [
{
"category": "general",
"text": "mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the \"--status-fd 2\" option. For example, the OpenPGP data might represent an original filename that contains line feed characters in conjunction with GOODSIG or VALIDSIG status codes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.aarch64",
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.ppc64le",
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.s390x",
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-12020",
"url": "https://www.suse.com/security/cve/CVE-2018-12020"
},
{
"category": "external",
"summary": "SUSE Bug 1096745 for CVE-2018-12020",
"url": "https://bugzilla.suse.com/1096745"
},
{
"category": "external",
"summary": "SUSE Bug 1101134 for CVE-2018-12020",
"url": "https://bugzilla.suse.com/1101134"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.aarch64",
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.ppc64le",
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.s390x",
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.aarch64",
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.ppc64le",
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.s390x",
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2018-12020"
},
{
"cve": "CVE-2019-12269",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-12269"
}
],
"notes": [
{
"category": "general",
"text": "Enigmail before 2.0.11 allows PGP signature spoofing: for an inline PGP message, an attacker can cause the product to display a \"correctly signed\" message indication, but display different unauthenticated text.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.aarch64",
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.ppc64le",
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.s390x",
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-12269",
"url": "https://www.suse.com/security/cve/CVE-2019-12269"
},
{
"category": "external",
"summary": "SUSE Bug 1135855 for CVE-2019-12269",
"url": "https://bugzilla.suse.com/1135855"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.aarch64",
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.ppc64le",
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.s390x",
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.aarch64",
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.ppc64le",
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.s390x",
"openSUSE Tumbleweed:enigmail-2.2.4-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2019-12269"
}
]
}
opensuse-su-2018:1330-1
Vulnerability from csaf_opensuse
Published
2018-05-17 11:35
Modified
2018-05-17 11:35
Summary
Security update for enigmail
Notes
Title of the patch
Security update for enigmail
Description of the patch
This update for enigmail to version 2.0.4 fixes multiple issues.
Security issues fixed:
- CVE-2017-17688: CFB gadget attacks allowed to exfiltrate plaintext out of encrypted emails.
enigmail now fails on GnuPG integrity check warnings for old Algorithms (bsc#1093151)
- CVE-2017-17689: CBC gadget attacks allows to exfiltrate plaintext out of encrypted emails (bsc#1093152)
This update also includes new and updated functionality:
- The Encryption and Signing buttons now work for both OpenPGP and S/MIME.
Enigmail will chose between S/MIME or OpenPGP depending on whether the keys
for all recipients are available for the respective standard
- Support for the Autocrypt standard, which is now enabled by default
- Support for Pretty Easy Privacy (p≡p)
- Support for Web Key Directory (WKD)
- The message subject can now be encrypted and replaced with a dummy subject,
following the Memory Hole standard forprotected Email Headers
- keys on keyring are automatically refreshed from keyservers at irregular intervals
- Subsequent updates of Enigmail no longer require a restart of Thunderbird
- Keys are internally addressed using the fingerprint instead of the key ID
Patchnames
openSUSE-2018-470
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for enigmail",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for enigmail to version 2.0.4 fixes multiple issues.\n\nSecurity issues fixed:\n\n- CVE-2017-17688: CFB gadget attacks allowed to exfiltrate plaintext out of encrypted emails.\n enigmail now fails on GnuPG integrity check warnings for old Algorithms (bsc#1093151)\n- CVE-2017-17689: CBC gadget attacks allows to exfiltrate plaintext out of encrypted emails (bsc#1093152)\n\nThis update also includes new and updated functionality:\n\n- The Encryption and Signing buttons now work for both OpenPGP and S/MIME.\n Enigmail will chose between S/MIME or OpenPGP depending on whether the keys\n for all recipients are available for the respective standard\n- Support for the Autocrypt standard, which is now enabled by default\n- Support for Pretty Easy Privacy (p\u2261p)\n- Support for Web Key Directory (WKD)\n- The message subject can now be encrypted and replaced with a dummy subject,\n following the Memory Hole standard forprotected Email Headers\n- keys on keyring are automatically refreshed from keyservers at irregular intervals\n- Subsequent updates of Enigmail no longer require a restart of Thunderbird \n- Keys are internally addressed using the fingerprint instead of the key ID",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2018-470",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2018_1330-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2018:1330-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/OTHLYEPMU5SK5PDODY44XQQ6DR7FWSLS/#OTHLYEPMU5SK5PDODY44XQQ6DR7FWSLS"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2018:1330-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/OTHLYEPMU5SK5PDODY44XQQ6DR7FWSLS/#OTHLYEPMU5SK5PDODY44XQQ6DR7FWSLS"
},
{
"category": "self",
"summary": "SUSE Bug 1093151",
"url": "https://bugzilla.suse.com/1093151"
},
{
"category": "self",
"summary": "SUSE Bug 1093152",
"url": "https://bugzilla.suse.com/1093152"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-17688 page",
"url": "https://www.suse.com/security/cve/CVE-2017-17688/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-17689 page",
"url": "https://www.suse.com/security/cve/CVE-2017-17689/"
}
],
"title": "Security update for enigmail",
"tracking": {
"current_release_date": "2018-05-17T11:35:48Z",
"generator": {
"date": "2018-05-17T11:35:48Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2018:1330-1",
"initial_release_date": "2018-05-17T11:35:48Z",
"revision_history": [
{
"date": "2018-05-17T11:35:48Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "enigmail-2.0.4-9.1.aarch64",
"product": {
"name": "enigmail-2.0.4-9.1.aarch64",
"product_id": "enigmail-2.0.4-9.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "enigmail-2.0.4-9.1.ppc64le",
"product": {
"name": "enigmail-2.0.4-9.1.ppc64le",
"product_id": "enigmail-2.0.4-9.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "enigmail-2.0.4-9.1.s390x",
"product": {
"name": "enigmail-2.0.4-9.1.s390x",
"product_id": "enigmail-2.0.4-9.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "enigmail-2.0.4-9.1.x86_64",
"product": {
"name": "enigmail-2.0.4-9.1.x86_64",
"product_id": "enigmail-2.0.4-9.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Package Hub 12",
"product": {
"name": "SUSE Package Hub 12",
"product_id": "SUSE Package Hub 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:packagehub:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "enigmail-2.0.4-9.1.aarch64 as component of SUSE Package Hub 12",
"product_id": "SUSE Package Hub 12:enigmail-2.0.4-9.1.aarch64"
},
"product_reference": "enigmail-2.0.4-9.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "enigmail-2.0.4-9.1.ppc64le as component of SUSE Package Hub 12",
"product_id": "SUSE Package Hub 12:enigmail-2.0.4-9.1.ppc64le"
},
"product_reference": "enigmail-2.0.4-9.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "enigmail-2.0.4-9.1.s390x as component of SUSE Package Hub 12",
"product_id": "SUSE Package Hub 12:enigmail-2.0.4-9.1.s390x"
},
"product_reference": "enigmail-2.0.4-9.1.s390x",
"relates_to_product_reference": "SUSE Package Hub 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "enigmail-2.0.4-9.1.x86_64 as component of SUSE Package Hub 12",
"product_id": "SUSE Package Hub 12:enigmail-2.0.4-9.1.x86_64"
},
"product_reference": "enigmail-2.0.4-9.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-17688",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-17688"
}
],
"notes": [
{
"category": "general",
"text": "The OpenPGP specification allows a Cipher Feedback Mode (CFB) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL. NOTE: third parties report that this is a problem in applications that mishandle the Modification Detection Code (MDC) feature or accept an obsolete packet type, not a problem in the OpenPGP specification",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12:enigmail-2.0.4-9.1.aarch64",
"SUSE Package Hub 12:enigmail-2.0.4-9.1.ppc64le",
"SUSE Package Hub 12:enigmail-2.0.4-9.1.s390x",
"SUSE Package Hub 12:enigmail-2.0.4-9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-17688",
"url": "https://www.suse.com/security/cve/CVE-2017-17688"
},
{
"category": "external",
"summary": "SUSE Bug 1093151 for CVE-2017-17688",
"url": "https://bugzilla.suse.com/1093151"
},
{
"category": "external",
"summary": "SUSE Bug 1093727 for CVE-2017-17688",
"url": "https://bugzilla.suse.com/1093727"
},
{
"category": "external",
"summary": "SUSE Bug 1093971 for CVE-2017-17688",
"url": "https://bugzilla.suse.com/1093971"
},
{
"category": "external",
"summary": "SUSE Bug 1093973 for CVE-2017-17688",
"url": "https://bugzilla.suse.com/1093973"
},
{
"category": "external",
"summary": "SUSE Bug 1115719 for CVE-2017-17688",
"url": "https://bugzilla.suse.com/1115719"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12:enigmail-2.0.4-9.1.aarch64",
"SUSE Package Hub 12:enigmail-2.0.4-9.1.ppc64le",
"SUSE Package Hub 12:enigmail-2.0.4-9.1.s390x",
"SUSE Package Hub 12:enigmail-2.0.4-9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Package Hub 12:enigmail-2.0.4-9.1.aarch64",
"SUSE Package Hub 12:enigmail-2.0.4-9.1.ppc64le",
"SUSE Package Hub 12:enigmail-2.0.4-9.1.s390x",
"SUSE Package Hub 12:enigmail-2.0.4-9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-17T11:35:48Z",
"details": "moderate"
}
],
"title": "CVE-2017-17688"
},
{
"cve": "CVE-2017-17689",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-17689"
}
],
"notes": [
{
"category": "general",
"text": "The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12:enigmail-2.0.4-9.1.aarch64",
"SUSE Package Hub 12:enigmail-2.0.4-9.1.ppc64le",
"SUSE Package Hub 12:enigmail-2.0.4-9.1.s390x",
"SUSE Package Hub 12:enigmail-2.0.4-9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-17689",
"url": "https://www.suse.com/security/cve/CVE-2017-17689"
},
{
"category": "external",
"summary": "SUSE Bug 1093152 for CVE-2017-17689",
"url": "https://bugzilla.suse.com/1093152"
},
{
"category": "external",
"summary": "SUSE Bug 1093727 for CVE-2017-17689",
"url": "https://bugzilla.suse.com/1093727"
},
{
"category": "external",
"summary": "SUSE Bug 1093969 for CVE-2017-17689",
"url": "https://bugzilla.suse.com/1093969"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12:enigmail-2.0.4-9.1.aarch64",
"SUSE Package Hub 12:enigmail-2.0.4-9.1.ppc64le",
"SUSE Package Hub 12:enigmail-2.0.4-9.1.s390x",
"SUSE Package Hub 12:enigmail-2.0.4-9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Package Hub 12:enigmail-2.0.4-9.1.aarch64",
"SUSE Package Hub 12:enigmail-2.0.4-9.1.ppc64le",
"SUSE Package Hub 12:enigmail-2.0.4-9.1.s390x",
"SUSE Package Hub 12:enigmail-2.0.4-9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-17T11:35:48Z",
"details": "moderate"
}
],
"title": "CVE-2017-17689"
}
]
}
fkie_cve-2017-17689
Vulnerability from fkie_nvd
Published
2018-05-16 19:29
Modified
2024-11-21 03:18
Severity ?
Summary
The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/104165 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://efail.de | Exploit, Mitigation, Third Party Advisory | |
| cve@mitre.org | https://news.ycombinator.com/item?id=17066419 | Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://pastebin.com/gNCc8aYm | Third Party Advisory | |
| cve@mitre.org | https://twitter.com/matthew_d_green/status/996371541591019520 | Third Party Advisory | |
| cve@mitre.org | https://www.synology.com/support/security/Synology_SA_18_22 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/104165 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://efail.de | Exploit, Mitigation, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://news.ycombinator.com/item?id=17066419 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://pastebin.com/gNCc8aYm | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://twitter.com/matthew_d_green/status/996371541591019520 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.synology.com/support/security/Synology_SA_18_22 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| 9folders | nine | - | |
| apple | - | ||
| apple | - | ||
| bloop | airmail | - | |
| emclient | emclient | - | |
| flipdogsolutions | maildroid | - | |
| freron | mailmate | - | |
| gnome | evolution | - | |
| gmail | - | ||
| horde | horde_imp | - | |
| ibm | notes | - | |
| kde | kmail | - | |
| kde | trojita | - | |
| microsoft | outlook | 2007 | |
| microsoft | outlook | 2010 | |
| microsoft | outlook | 2013 | |
| microsoft | outlook | 2016 | |
| mozilla | thunderbird | - | |
| postbox-inc | postbox | - | |
| r2mail2 | r2mail2 | - | |
| ritlabs | the_bat | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:9folders:nine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EE489EA-2250-4BF0-800C-EDA6EA7D6AAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:mail:-:*:*:*:*:*:*:*",
"matchCriteriaId": "217117AE-C16C-4265-A9A9-152D06FCD64E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:mail:-:*:*:*:*:iphone_os:*:*",
"matchCriteriaId": "081D62F6-B751-4109-B10B-3CF9535B3C12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bloop:airmail:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F389CED1-846A-4807-B8E7-00FBECAA41A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emclient:emclient:-:*:*:*:*:*:*:*",
"matchCriteriaId": "930AFDDA-C32A-45E7-BA6E-5827E59B573B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:flipdogsolutions:maildroid:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED2616EA-332D-4D6E-B66C-137A166E181D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freron:mailmate:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2C26D918-1548-4A62-BC5C-72DF9168A34E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:evolution:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38B06B0D-E60A-4B61-9E39-F5116C8F22A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:gmail:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C671802A-2362-4E66-B5D5-079E5E6B89A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:horde_imp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FDAD39AA-B9FD-492B-9BDA-57F74F4FABE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:notes:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91669C83-56A0-4087-8B6D-2012EB0AE9D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:kmail:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F01C924-2AE4-4214-9139-ED08293D198C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:trojita:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93076D12-C4AD-4DE8-A76C-9819493FF516",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:outlook:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "D789259A-034E-40BB-9DFF-76B3104B212F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:outlook:2010:*:*:*:*:*:*:*",
"matchCriteriaId": "3A009EAF-41A1-4E6D-B1EB-A2DACE197A43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:outlook:2013:*:*:*:*:*:*:*",
"matchCriteriaId": "3CD3770E-9513-43B2-BC9E-0CA3F63D59FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:outlook:2016:*:*:*:*:*:*:*",
"matchCriteriaId": "E2B1657C-0FF4-461A-BE2A-641275C4B0A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF583CDC-DE9E-45AB-9861-CB203BFA8862",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:postbox-inc:postbox:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0BA111F-A9FB-457D-818E-412195F9EA0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:r2mail2:r2mail2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19296516-EAD4-4B08-8D9A-5E853C7BEF58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ritlabs:the_bat:-:*:*:*:*:*:*:*",
"matchCriteriaId": "48A3CC49-2FAC-40C9-9CDA-E4440577205E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL."
},
{
"lang": "es",
"value": "La especificaci\u00f3n S/MIME permite un ataque malleability-gadget Cipher Block Chaining (CBC) que puede conducir indirectamente a la exfiltraci\u00f3n en texto plano. Esto tambi\u00e9n se conoce como EFAIL."
}
],
"id": "CVE-2017-17689",
"lastModified": "2024-11-21T03:18:27.893",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-05-16T19:29:00.303",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104165"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mitigation",
"Third Party Advisory"
],
"url": "https://efail.de"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://news.ycombinator.com/item?id=17066419"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://pastebin.com/gNCc8aYm"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://twitter.com/matthew_d_green/status/996371541591019520"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.synology.com/support/security/Synology_SA_18_22"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104165"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mitigation",
"Third Party Advisory"
],
"url": "https://efail.de"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://news.ycombinator.com/item?id=17066419"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://pastebin.com/gNCc8aYm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://twitter.com/matthew_d_green/status/996371541591019520"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.synology.com/support/security/Synology_SA_18_22"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cnvd-2018-09540
Vulnerability from cnvd
Title
S/MIME信息泄露漏洞
Description
S/MIME是用于邮件加密的证书实现。
S/MIME中存在安全漏洞。攻击者可利用该漏洞从加密的邮件中获取明文形式的消息。
Severity
中
VLAI Severity ?
Formal description
厂商尚未提供漏洞修补方案,请关注厂商主页及时更新: https://www.openpgp.org/
Reference
https://www.kb.cert.org/vuls/id/122919
Impacted products
| Name | OpenPGP S/MIME |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2017-17689"
}
},
"description": "S/MIME\u662f\u7528\u4e8e\u90ae\u4ef6\u52a0\u5bc6\u7684\u8bc1\u4e66\u5b9e\u73b0\u3002\r\n\r\nS/MIME\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u4ece\u52a0\u5bc6\u7684\u90ae\u4ef6\u4e2d\u83b7\u53d6\u660e\u6587\u5f62\u5f0f\u7684\u6d88\u606f\u3002",
"discovererName": "Damian Poddebniak, Christian Dresen, Jens M\u00c3\u00bcller, Fabian Ising, Sebastian Schinzel, Simon Friedberger, Juraj Somorovsky, and Jorg Schwenk.",
"formalWay": "\u5382\u5546\u5c1a\u672a\u63d0\u4f9b\u6f0f\u6d1e\u4fee\u8865\u65b9\u6848\uff0c\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u53ca\u65f6\u66f4\u65b0\uff1a \r\nhttps://www.openpgp.org/",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2018-09540",
"openTime": "2018-05-16",
"products": {
"product": "OpenPGP S/MIME"
},
"referenceLink": "https://www.kb.cert.org/vuls/id/122919",
"serverity": "\u4e2d",
"submitTime": "2018-05-16",
"title": "S/MIME\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e"
}
var-201805-0228
Vulnerability from variot
The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL. In multiple mail clients OpenPGP and S/MIME A plaintext message may be leaked when decrypting the message. OpenPGP and S/MIME For e-mail clients that support, it is possible to establish a channel for sending plaintext by decrypting encrypted e-mail inserted with content crafted by an attacker with the user's e-mail client. The discoverer can attack with this vulnerability "CBC/CFB gadget attack" I call it. For example HTML image By inserting a tag, the decrypted message is HTTP It may be sent as part of the request. * CVE-2017-17688: OpenPGP CFB Attacks * CVE-2017-17689: S/MIME CBC Attacks Some email clients also use multipart MIME Because the message is not properly separated and processed, attackers can process encrypted mail in plain text. MIME It can be included in the part. in this case, CBC/CFB gadget attack The plaintext message may be sent without executing. Detail is, Articles provided by the discoverer Please refer to.A remote attacker may obtain plaintext from encrypted mail without the key information required for decryption. An attacker can exploit this issue to perform man-in-the-middle attacks and obtain sensitive information. Successful exploits will lead to other attacks. S/MIME is a certificate implementation for email encryption. A security vulnerability exists in S/MIME. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
Debian Security Advisory DSA-4244-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff July 13, 2018 https://www.debian.org/security/faq
Package : thunderbird CVE ID : CVE-2017-17689 CVE-2018-5188 CVE-2018-12359 CVE-2018-12360 CVE-2018-12362 CVE-2018-12363 CVE-2018-12364 CVE-2018-12365 CVE-2018-12366 CVE-2018-12372 CVE-2018-12373 CVE-2018-12374
Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code, denial of service or attacks on encrypted emails.
For the stable distribution (stretch), these problems have been fixed in version 1:52.9.1-1~deb9u1.
We recommend that you upgrade your thunderbird packages.
For the detailed security status of thunderbird please refer to its security tracker page at: https://security-tracker.debian.org/tracker/thunderbird
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAltI+2sACgkQEMKTtsN8 TjZXHRAAgOmSvTwwmmzxRH/4tSSpndZCFCtkHrG5PU5D3XesLGnWpNZk9aINsaU2 ih3fmEKzQgHHfAzK3d9TcGjyiI+PoVuWkVknsVqTrHd+xQtxUs7B/5Pfz5WKiYDJ QJ4NhjTgHHystYa0j2CvK28/ZoPVZgwnc/D051ChTInPWXimJI+TxpsndW/NPuaJ SphoPP34OMO2EARjrKCxiL6NRv6kD4CJv0AgoYfdO0qPXomuA8HpDAH1itd7GbRq yVJoZRnpz9dGjJSM5wyFCc1BIqmA/CMphhmqiRTuFBA+rOSEDblzfc2tg9t82CVQ caA7rF3VrYx8qmgpP3akCju+SDOEWLerFGHH1iaQ+GBqiXvduvMl/MSXCZmVZzIC 92Ko2m9kURkak4yKccEbHJ5Vh8i0oLUOc+Ee3MUUfWUblYbCcB4z34p9hRwc8u83 mmGUbsq+qWvdcd9NkekKC/ENQZt4Egb3doeEzqSkaa4uhFaQ1gGosHXGslNTCqLl 6RyeFON9Q5CWphQET+rmnlcJ8B1cSHgpG1ZTN6szlsQpiVgcRu/JYrgyzX9Y6WdY rAape6t+gsEeLOP7n9pZ/KYSadUF5CvYY/nX9H6kJO1RmG9y0A+8wAEuW+nSOMMJ vh2U09+y5XJHQqV0MMTKbnadxlyi8Oerc0zrYaoBuYhR7wmvkus= =R2OH -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201805-0228",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "the bat",
"scope": "eq",
"trust": 1.6,
"vendor": "ritlabs",
"version": null
},
{
"model": "outlook",
"scope": "eq",
"trust": 1.3,
"vendor": "microsoft",
"version": "2013"
},
{
"model": "trojita",
"scope": "eq",
"trust": 1.0,
"vendor": "kde",
"version": null
},
{
"model": "emclient",
"scope": "eq",
"trust": 1.0,
"vendor": "emclient",
"version": null
},
{
"model": "outlook",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "2016"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": null
},
{
"model": "evolution",
"scope": "eq",
"trust": 1.0,
"vendor": "gnome",
"version": null
},
{
"model": "airmail",
"scope": "eq",
"trust": 1.0,
"vendor": "bloop",
"version": null
},
{
"model": "mailmate",
"scope": "eq",
"trust": 1.0,
"vendor": "freron",
"version": null
},
{
"model": "kmail",
"scope": "eq",
"trust": 1.0,
"vendor": "kde",
"version": null
},
{
"model": "outlook",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "2010"
},
{
"model": "imp",
"scope": "eq",
"trust": 1.0,
"vendor": "horde",
"version": null
},
{
"model": "nine",
"scope": "eq",
"trust": 1.0,
"vendor": "9folders",
"version": null
},
{
"model": "maildroid",
"scope": "eq",
"trust": 1.0,
"vendor": "flipdogsolutions",
"version": null
},
{
"model": "r2mail2",
"scope": "eq",
"trust": 1.0,
"vendor": "r2mail2",
"version": null
},
{
"model": "mail",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": null
},
{
"model": "notes",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": null
},
{
"model": "outlook",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "2007"
},
{
"model": "postbox",
"scope": "eq",
"trust": 1.0,
"vendor": "postbox",
"version": null
},
{
"model": "gmail",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "9folders",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "airmail",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "evolution",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "flipdog",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gpgtools",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnupg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "kmail",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mailmate",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "postbox",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "r2mail2",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ritlabs srl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "roundcube",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "the enigmail",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "the horde",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "trojita",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "em client",
"version": null
},
{
"model": "",
"scope": null,
"trust": 0.8,
"vendor": "multiple vendors",
"version": null
},
{
"model": "r2mail2",
"scope": "eq",
"trust": 0.3,
"vendor": "r2mail2",
"version": "0"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "52.5.2"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "45.5.1"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "45.1.1"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "24.1.1"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "24.0.1"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.7"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.6"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.5"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.4"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.3"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.2"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.1"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "16.0.2"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "15.0.1"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "13.0.1"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "12.0.1"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.20"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.14"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.13"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.12"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.7"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.5"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.4"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.11"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.9"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.8"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.5"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.4"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.2"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.1"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.024"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.9"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.8"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.6"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.5"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.4"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.19"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.17"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.16"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.15"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.14"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.13"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.12"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.9"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.8"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.7"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.6"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.5"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.2"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.1"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.9"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.8"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.7.3"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.7.2"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.7.1"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.7"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.6"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "7.0"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "52.5"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "52.4"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "52.3"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "52.2"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "52.1"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "52"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "5"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "45.8"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "45.7"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "45.6"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "45.4"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "38.1"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "32.0"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "31.8"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "31.7"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "31.6"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "31.5"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "31.4"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "31.3"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "31.2"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "31.1.2"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "31.1.1"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "31.1.0"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "31.1"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "31.0"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "31"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.3"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.9"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.8"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.6"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.3"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.2"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.19"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.18"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.17"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.16"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.15"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.11"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.10"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.1"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.7"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.6"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.3"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.10"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "24.8.1"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "24.8"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "24.7"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "24.6"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "24.5"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "24.4"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "24.3"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "24.2"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "24.1"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "24.0"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "23.0"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.1"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.23"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.22"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.21"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.20"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.18"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.11"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.9"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.8"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "16.0.1"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "16.0"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "16"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "15.0"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "15"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "14.0"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "14"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "13.0"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "12.0"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "11.0.1"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "11.0"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.4"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.3"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.2"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.1"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.8"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.7"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.5"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.4"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.2"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.14"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.12"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.10"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.1"
},
{
"model": "outlook",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20100"
},
{
"model": "outlook",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20070"
},
{
"model": "kmail",
"scope": null,
"trust": 0.3,
"vendor": "kde",
"version": null
},
{
"model": "lotus inotes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "gmail for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0"
},
{
"model": "mailmate",
"scope": "eq",
"trust": 0.3,
"vendor": "freron",
"version": "0"
},
{
"model": "mail",
"scope": null,
"trust": 0.3,
"vendor": "apple",
"version": null
},
{
"model": "airmail",
"scope": "eq",
"trust": 0.3,
"vendor": "airmail",
"version": "0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#122919"
},
{
"db": "BID",
"id": "104165"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012995"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-724"
},
{
"db": "NVD",
"id": "CVE-2017-17689"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:misc:multiple_vendors",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-012995"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Damian Poddebniak, Christian Dresen, Jens Muller, Fabian Ising, Sebastian Schinzel1, Simon Friedberger, Juraj Somorovsky, and Jorg Schwenk",
"sources": [
{
"db": "BID",
"id": "104165"
}
],
"trust": 0.3
},
"cve": "CVE-2017-17689",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2017-17689",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-108736",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"id": "CVE-2017-17689",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-17689",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201712-724",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-108736",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2017-17689",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-108736"
},
{
"db": "VULMON",
"id": "CVE-2017-17689"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-724"
},
{
"db": "NVD",
"id": "CVE-2017-17689"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL. In multiple mail clients OpenPGP and S/MIME A plaintext message may be leaked when decrypting the message. OpenPGP and S/MIME For e-mail clients that support, it is possible to establish a channel for sending plaintext by decrypting encrypted e-mail inserted with content crafted by an attacker with the user\u0027s e-mail client. The discoverer can attack with this vulnerability \"CBC/CFB gadget attack\" I call it. For example HTML image By inserting a tag, the decrypted message is HTTP It may be sent as part of the request. * *CVE-2017-17688: OpenPGP CFB Attacks * *CVE-2017-17689: S/MIME CBC Attacks Some email clients also use multipart MIME Because the message is not properly separated and processed, attackers can process encrypted mail in plain text. MIME It can be included in the part. in this case, CBC/CFB gadget attack The plaintext message may be sent without executing. Detail is, \u003ca href=\"https://efail.de/efail-attack-paper.pdf\" target=\"blank\"\u003e Articles provided by the discoverer \u003c/a\u003e Please refer to.A remote attacker may obtain plaintext from encrypted mail without the key information required for decryption. \nAn attacker can exploit this issue to perform man-in-the-middle attacks and obtain sensitive information. Successful exploits will lead to other attacks. S/MIME is a certificate implementation for email encryption. A security vulnerability exists in S/MIME. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4244-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nJuly 13, 2018 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : thunderbird\nCVE ID : CVE-2017-17689 CVE-2018-5188 CVE-2018-12359 CVE-2018-12360 \n CVE-2018-12362 CVE-2018-12363 CVE-2018-12364 CVE-2018-12365 \n CVE-2018-12366 CVE-2018-12372 CVE-2018-12373 CVE-2018-12374\n\nMultiple security issues have been found in Thunderbird, which may lead\nto the execution of arbitrary code, denial of service or attacks on\nencrypted emails. \n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 1:52.9.1-1~deb9u1. \n\nWe recommend that you upgrade your thunderbird packages. \n\nFor the detailed security status of thunderbird please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/thunderbird\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAltI+2sACgkQEMKTtsN8\nTjZXHRAAgOmSvTwwmmzxRH/4tSSpndZCFCtkHrG5PU5D3XesLGnWpNZk9aINsaU2\nih3fmEKzQgHHfAzK3d9TcGjyiI+PoVuWkVknsVqTrHd+xQtxUs7B/5Pfz5WKiYDJ\nQJ4NhjTgHHystYa0j2CvK28/ZoPVZgwnc/D051ChTInPWXimJI+TxpsndW/NPuaJ\nSphoPP34OMO2EARjrKCxiL6NRv6kD4CJv0AgoYfdO0qPXomuA8HpDAH1itd7GbRq\nyVJoZRnpz9dGjJSM5wyFCc1BIqmA/CMphhmqiRTuFBA+rOSEDblzfc2tg9t82CVQ\ncaA7rF3VrYx8qmgpP3akCju+SDOEWLerFGHH1iaQ+GBqiXvduvMl/MSXCZmVZzIC\n92Ko2m9kURkak4yKccEbHJ5Vh8i0oLUOc+Ee3MUUfWUblYbCcB4z34p9hRwc8u83\nmmGUbsq+qWvdcd9NkekKC/ENQZt4Egb3doeEzqSkaa4uhFaQ1gGosHXGslNTCqLl\n6RyeFON9Q5CWphQET+rmnlcJ8B1cSHgpG1ZTN6szlsQpiVgcRu/JYrgyzX9Y6WdY\nrAape6t+gsEeLOP7n9pZ/KYSadUF5CvYY/nX9H6kJO1RmG9y0A+8wAEuW+nSOMMJ\nvh2U09+y5XJHQqV0MMTKbnadxlyi8Oerc0zrYaoBuYhR7wmvkus=\n=R2OH\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-17689"
},
{
"db": "CERT/CC",
"id": "VU#122919"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012995"
},
{
"db": "BID",
"id": "104165"
},
{
"db": "VULHUB",
"id": "VHN-108736"
},
{
"db": "VULMON",
"id": "CVE-2017-17689"
},
{
"db": "PACKETSTORM",
"id": "148553"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-17689",
"trust": 3.0
},
{
"db": "BID",
"id": "104165",
"trust": 2.1
},
{
"db": "CERT/CC",
"id": "VU#122919",
"trust": 2.0
},
{
"db": "JVN",
"id": "JVNVU95575473",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012995",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201712-724",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "148553",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-108736",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2017-17689",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#122919"
},
{
"db": "VULHUB",
"id": "VHN-108736"
},
{
"db": "VULMON",
"id": "CVE-2017-17689"
},
{
"db": "BID",
"id": "104165"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012995"
},
{
"db": "PACKETSTORM",
"id": "148553"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-724"
},
{
"db": "NVD",
"id": "CVE-2017-17689"
}
]
},
"id": "VAR-201805-0228",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-108736"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T20:59:49.596000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Red Hat: CVE-2017-17689",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2017-17689"
},
{
"title": "Efail-malleability-gadget-exploit",
"trust": 0.1,
"url": "https://github.com/jaads/Efail-malleability-gadget-exploit "
},
{
"title": "SecDB - Security Feeds",
"trust": 0.1,
"url": "https://github.com/giterlizzi/secdb-feeds "
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2018/05/14/smime_pgp_encryption_flaw_emails_vulnerable_to_snooping/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-17689"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-310",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-108736"
},
{
"db": "NVD",
"id": "CVE-2017-17689"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://efail.de/"
},
{
"trust": 1.9,
"url": "https://efail.de/efail-attack-paper.pdf"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/104165"
},
{
"trust": 1.8,
"url": "https://www.synology.com/support/security/synology_sa_18_22"
},
{
"trust": 1.8,
"url": "https://efail.de"
},
{
"trust": 1.8,
"url": "https://news.ycombinator.com/item?id=17066419"
},
{
"trust": 1.8,
"url": "https://pastebin.com/gncc8aym"
},
{
"trust": 1.8,
"url": "https://twitter.com/matthew_d_green/status/996371541591019520"
},
{
"trust": 1.2,
"url": "https://www.kb.cert.org/vuls/id/122919"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-17689"
},
{
"trust": 0.8,
"url": "https://tools.ietf.org/html/rfc4880"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-17689"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-17688"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu95575473/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-17688"
},
{
"trust": 0.3,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1577909"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-17689"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://github.com/jaads/efail-malleability-gadget-exploit"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-12362"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-12360"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-12363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-12365"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-12373"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5188"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-12366"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-12372"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-12374"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-12364"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-12359"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/thunderbird"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#122919"
},
{
"db": "VULHUB",
"id": "VHN-108736"
},
{
"db": "VULMON",
"id": "CVE-2017-17689"
},
{
"db": "BID",
"id": "104165"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012995"
},
{
"db": "PACKETSTORM",
"id": "148553"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-724"
},
{
"db": "NVD",
"id": "CVE-2017-17689"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#122919"
},
{
"db": "VULHUB",
"id": "VHN-108736"
},
{
"db": "VULMON",
"id": "CVE-2017-17689"
},
{
"db": "BID",
"id": "104165"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012995"
},
{
"db": "PACKETSTORM",
"id": "148553"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-724"
},
{
"db": "NVD",
"id": "CVE-2017-17689"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-05-14T00:00:00",
"db": "CERT/CC",
"id": "VU#122919"
},
{
"date": "2018-05-16T00:00:00",
"db": "VULHUB",
"id": "VHN-108736"
},
{
"date": "2018-05-16T00:00:00",
"db": "VULMON",
"id": "CVE-2017-17689"
},
{
"date": "2018-05-14T00:00:00",
"db": "BID",
"id": "104165"
},
{
"date": "2018-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-012995"
},
{
"date": "2018-07-14T12:12:00",
"db": "PACKETSTORM",
"id": "148553"
},
{
"date": "2017-12-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201712-724"
},
{
"date": "2018-05-16T19:29:00.303000",
"db": "NVD",
"id": "CVE-2017-17689"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-05-15T00:00:00",
"db": "CERT/CC",
"id": "VU#122919"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-108736"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULMON",
"id": "CVE-2017-17689"
},
{
"date": "2018-05-14T00:00:00",
"db": "BID",
"id": "104165"
},
{
"date": "2018-08-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-012995"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201712-724"
},
{
"date": "2024-11-21T03:18:27.893000",
"db": "NVD",
"id": "CVE-2017-17689"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201712-724"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenPGP and S/MIME mail client vulnerabilities",
"sources": [
{
"db": "CERT/CC",
"id": "VU#122919"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201712-724"
}
],
"trust": 0.6
}
}
gsd-2017-17689
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2017-17689",
"description": "The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL.",
"id": "GSD-2017-17689",
"references": [
"https://www.suse.com/security/cve/CVE-2017-17689.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2017-17689"
],
"details": "The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL.",
"id": "GSD-2017-17689",
"modified": "2023-12-13T01:21:04.417002Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-17689",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://news.ycombinator.com/item?id=17066419",
"refsource": "MISC",
"url": "https://news.ycombinator.com/item?id=17066419"
},
{
"name": "https://pastebin.com/gNCc8aYm",
"refsource": "MISC",
"url": "https://pastebin.com/gNCc8aYm"
},
{
"name": "104165",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104165"
},
{
"name": "https://twitter.com/matthew_d_green/status/996371541591019520",
"refsource": "MISC",
"url": "https://twitter.com/matthew_d_green/status/996371541591019520"
},
{
"name": "https://efail.de",
"refsource": "MISC",
"url": "https://efail.de"
},
{
"name": "https://www.synology.com/support/security/Synology_SA_18_22",
"refsource": "CONFIRM",
"url": "https://www.synology.com/support/security/Synology_SA_18_22"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:gnome:evolution:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ibm:notes:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:emclient:emclient:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:horde:horde_imp:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:9folders:nine:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:freron:mailmate:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kde:kmail:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ritlabs:the_bat:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:outlook:2013:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:flipdogsolutions:maildroid:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:r2mail2:r2mail2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:mail:-:*:*:*:*:iphone_os:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bloop:airmail:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:outlook:2010:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:outlook:2007:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:google:gmail:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:mail:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kde:trojita:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:postbox-inc:postbox:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:outlook:2016:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-17689"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://twitter.com/matthew_d_green/status/996371541591019520",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://twitter.com/matthew_d_green/status/996371541591019520"
},
{
"name": "https://pastebin.com/gNCc8aYm",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://pastebin.com/gNCc8aYm"
},
{
"name": "https://news.ycombinator.com/item?id=17066419",
"refsource": "MISC",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://news.ycombinator.com/item?id=17066419"
},
{
"name": "https://efail.de",
"refsource": "MISC",
"tags": [
"Exploit",
"Mitigation",
"Third Party Advisory"
],
"url": "https://efail.de"
},
{
"name": "https://www.synology.com/support/security/Synology_SA_18_22",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://www.synology.com/support/security/Synology_SA_18_22"
},
{
"name": "104165",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104165"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
},
"lastModifiedDate": "2019-10-03T00:03Z",
"publishedDate": "2018-05-16T19:29Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…