History: Apr 07, 2019 - 3:29 p.m.

CVE-2019-10734

2019-04-07 15:29:00
CWE-319
mitre
web.nvd.nist.gov
27
kde trojita
cve-2019-10734
email security
s/mime
pgp
encryption
html
css
ascii
nvd

CVSS2: 4.3

Attack Vector: NETWORK
Attack Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3: 4.3

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: REQUIRED
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: LOW
Availability Impact: NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

AI Score: 4.5
Confidence: High

EPSS: 0.001
Percentile: 36.6%

In KDE Trojita 0.7, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended receiver. If the receiver replies to this (benign looking) email, they unknowingly leak the plaintext of the encrypted message part(s) back to the attacker.

Affected configurations

Nvd
Node: trojita_project trojita, Match 0.7

Vendor: trojita_project
Product: trojita
Version: 0.7
CPE: cpe:2.3:a:trojita_project:trojita:0.7:*:*:*:*:*:*:*
