CVE-2017-17844

An issue was discovered in Enigmail before 1.9.9. A remote attacker can obtain cleartext content by sending an encrypted data block (that the attacker cannot directly decrypt) to a victim, and relying on the victim to automatically decrypt that block and then send it back to the attacker as quoted text, aka the TBE-01-005 "replay" issue.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:enigmail:enigmail:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Information

Published : 2017-12-27 09:08

Updated : 2019-10-02 17:03


NVD link : CVE-2017-17844

Mitre link : CVE-2017-17844


JSON object : View

CWE
CWE-319

Cleartext Transmission of Sensitive Information

Advertisement

dedicated server usa

Products Affected

debian

  • debian_linux

enigmail

  • enigmail