CVE-2017-17844

🗓️ 22 Dec 2017 23:00:00Reported by mitreType

A security flaw in Enigmail before 1.9.9 allows remote attackers to obtain cleartext content by sending encrypted data blocks and relying on the victim to automatically decrypt and send it back as quoted text

Reporter	Title	Published	Views	Family All 14
CVE	CVE-2017-17844	27 Dec 201717:08	–	cve
UbuntuCve	CVE-2017-17844	27 Dec 201700:00	–	ubuntucve
Prion	Design/Logic Flaw	27 Dec 201717:08	–	prion
Debian CVE	CVE-2017-17844	27 Dec 201717:08	–	debiancve
NVD	CVE-2017-17844	27 Dec 201717:08	–	nvd
OSV	enigmail - security update	21 Dec 201700:00	–	osv
OSV	enigmail - security update	23 Dec 201700:00	–	osv
Tenable Nessus	Debian DLA-1219-1 : enigmail security update	26 Dec 201700:00	–	nessus
Tenable Nessus	Debian DSA-4070-1 : enigmail - security update	26 Dec 201700:00	–	nessus
OpenVAS	Debian: Security Advisory (DLA-1219-1)	8 Mar 202300:00	–	openvas

Source	Link
lists	www.lists.debian.org/debian-lts-announce/2017/12/msg00021.html
debian	www.debian.org/security/2017/dsa-4070
mail-archive	www.mail-archive.com/enigmail-users%40enigmail.net/msg04280.html
enigmail	www.enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf
lists	www.lists.debian.org/debian-security-announce/2017/msg00333.html

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

22 Dec 2017 23:00Current

6.8Medium risk

Vulners AI Score6.8

EPSS0.00251