Описание
Enigmail 1.7.x before 1.7.2 sends emails in plaintext when encryption is enabled and only BCC recipients are specified, which allows remote attackers to obtain sensitive information by sniffing the network.
Ссылки
- Patch
- Exploit
- Patch
- Exploit
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:enigmail:enigmail:1.7:*:*:*:*:*:*:*
cpe:2.3:a:enigmail:enigmail:1.7.2:*:*:*:*:*:*:*
EPSS
Процентиль: 68%
0.00582
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-310
Связанные уязвимости
ubuntu
больше 11 лет назад
Enigmail 1.7.x before 1.7.2 sends emails in plaintext when encryption is enabled and only BCC recipients are specified, which allows remote attackers to obtain sensitive information by sniffing the network.
debian
больше 11 лет назад
Enigmail 1.7.x before 1.7.2 sends emails in plaintext when encryption ...
github
больше 3 лет назад
Enigmail 1.7.x before 1.7.2 sends emails in plaintext when encryption is enabled and only BCC recipients are specified, which allows remote attackers to obtain sensitive information by sniffing the network.
EPSS
Процентиль: 68%
0.00582
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-310