10 matches found
UBUNTU-CVE-2024-49393
In neomutt and mutt, the To and Cc email headers are not validated by cryptographic signing which allows an attacker that intercepts a message to change their value and include himself as a one of the recipients to compromise message confidentiality...
SuSE 11.2 / 11.3 Security Update : openssl-certs (SAT Patch Numbers 8681 / 8682)
openssl-certs was updated with the current certificate data available from mozilla.org. Changes : - Updated certificates to revision 1.95 Distrust a sub-ca that issued google.com certificates. 'Distrusted AC DG Tresor SSL'. bnc854367 Many CA updates from Mozilla : - new:...
openSUSE: Security Advisory for ca-certificates-mozilla (openSUSE-SU-2013:1891-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
ca-certificates-mozilla: add, remove or blacklist some certificates (important)
The Mozilla CA certificates package was updated to match the current Mozilla revision 1.95 of certdata.txt. It blacklists some misused certificate authorities, adds some new and adjusts some others. On openSUSE 13.1 a problem with names was also fixed. distrust: AC DG Tresor SSL bnc854367 new:...
DEBIAN-CVE-2012-6581
Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled, allows remote attackers to bypass intended restrictions on reading keys in the product's keyring, and trigger outbound e-mail messages signed by an arbitrary stored secret key, by leveraging a UI e-mail...
CVE-2012-6581
Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled, allows remote attackers to bypass intended restrictions on reading keys in the product's keyring, and trigger outbound e-mail messages signed by an arbitrary stored secret key, by leveraging a UI e-mail...
UBUNTU-CVE-2012-6579
Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled, allows remote attackers to configure encryption or signing for certain outbound e-mail, and possibly cause a denial of service loss of e-mail readability, via an e-mail message to a queue's address...
UBUNTU-CVE-2012-6581
Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled, allows remote attackers to bypass intended restrictions on reading keys in the product's keyring, and trigger outbound e-mail messages signed by an arbitrary stored secret key, by leveraging a UI e-mail...
CVE-2012-6581
Best Practical Solutions RT: Affected versions are RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8 with GnuPG enabled. The vulnerability lets remote attackers bypass restrictions on reading keys in the keyring and trigger outbound e‑mail messages signed by an arbitrary stored secret key by abusing ...
DSA-2567-1 request-tracker3.8 - several
Bulletin has no description...