11 matches found
Mageia: Security Advisory (MGASA-2018-0354)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : enigmail (openSUSE-2019-477)
This update for enigmail fixes vulnerabilities that allowed spoofing of e-mail signatures : - CVE-2018-12019: signature spoofing via specially crafted OpenPGP user IDs boo1097525 - CVE-2018-12020: signature spoofing via diagnostic output of the original file name in GnuPG verbose mode boo1096745...
Fedora 28 : thunderbird-enigmail (2018-a4bb79ea75)
Security fix CVE-2018-12019 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...
Fedora 27 : thunderbird-enigmail (2018-fd67c19256)
Security fix CVE-2018-12019 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...
Fedora Update for thunderbird-enigmail FEDORA-2018-fd67c19256
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : enigmail (openSUSE-2018-630)
This update for enigmail fixes vulnerabilities that allowed spoofing of e-mail signatures : - CVE-2018-12019: signature spoofing via specially crafted OpenPGP user IDs boo1097525 - CVE-2018-12020: signature spoofing via diagnostic output of the original file name in GnuPG verbose mode boo1096745...
openSUSE: Security Advisory for enigmail (openSUSE-SU-2018:1708-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security update for enigmail (moderate)
This update for enigmail fixes vulnerabilities that allowed spoofing of e-mail signatures: - CVE-2018-12019: signature spoofing via specially crafted OpenPGP user IDs boo1097525 - CVE-2018-12020: signature spoofing via diagnostic output of the original file name in GnuPG verbose mode boo1096745...
Security update for enigmail (moderate)
This update for enigmail fixes vulnerabilities that allowed spoofing of e-mail signatures: - CVE-2018-12019: signature spoofing via specially crafted OpenPGP user IDs boo1097525 - CVE-2018-12020: signature spoofing via diagnostic output of the original file name in GnuPG verbose mode boo1096745...
CVE-2018-12019
The signature verification routine in Enigmail before 2.0.7 interprets user ids as status/control messages and does not correctly keep track of the status of multiple signatures, which allows remote attackers to spoof arbitrary email signatures via public keys containing crafted primary user ids...
CVE-2018-12019
CVE-2018-12019 affects Enigmail (Thunderbird integration) prior to 2.0.7. The vulnerability resides in the signature verification routine, which misinterprets OpenPGP user IDs as status/control messages and fails to correctly track the status of multiple signatures. This enables remote attackers ...