Lucene search
MitreCVELIST:CVE-2017-17844HistoryDec 22, 2017 - 11:00 p.m.
CVE-2017-17844
2017-12-2223:00:00
mitre
www.cve.org
8
An issue was discovered in Enigmail before 1.9.9. A remote attacker can obtain cleartext content by sending an encrypted data block (that the attacker cannot directly decrypt) to a victim, and relying on the victim to automatically decrypt that block and then send it back to the attacker as quoted text, aka the TBE-01-005 “replay” issue.
References
enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf
lists.debian.org/debian-lts-announce/2017/12/msg00021.html
lists.debian.org/debian-security-announce/2017/msg00333.html
www.debian.org/security/2017/dsa-4070
www.mail-archive.com/enigmail-users%40enigmail.net/msg04280.html
Related
ubuntucve
ubuntucve
CVE-2017-17844
2017-12-27 00:00:00
cve
cve
CVE-2017-17844
2017-12-27 17:08:19
prion
prion
Design/Logic Flaw
2017-12-27 17:08:00
debiancve
debiancve
CVE-2017-17844
2017-12-27 17:08:19
nvd
nvd
CVE-2017-17844
2017-12-27 17:08:19
osv
osv
enigmail - security update
2017-12-21 00:00:00
enigmail - security update
2017-12-23 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-1219-1)
2023-03-08 00:00:00
Debian: Security Advisory (DSA-4070-1)
2017-12-20 00:00:00
Mageia: Security Advisory (MGASA-2017-0477)
2022-01-28 00:00:00
nessus
nessus
Debian DSA-4070-1 : enigmail - security update
2017-12-26 00:00:00
Debian DLA-1219-1 : enigmail security update
2017-12-26 00:00:00
debian
debian
[SECURITY] [DLA 1219-1] enigmail security update
2017-12-23 11:35:08
mageia
mageia
Updated thunderbird packages fix security vulnerabilities
2017-12-31 03:10:15