Lucene search
K

11 matches found

RedhatCVE
RedhatCVE
added 2020/04/04 5:18 p.m.32 views

CVE-2017-17688

DISPUTED The OpenPGP specification allows a Cipher Feedback Mode CFB malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL. NOTE: third parties report that this is a problem in applications that mishandle the Modification Detection Code MDC feature or accept an...

5.9CVSS1AI score0.05572EPSS
Exploits2References2
Prion
Prion
added 2018/05/16 7:29 p.m.27 views

Design/Logic Flaw

DISPUTED The OpenPGP specification allows a Cipher Feedback Mode CFB malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL. NOTE: third parties report that this is a problem in applications that mishandle the Modification Detection Code MDC feature or accept an...

4.3CVSS6.1AI score0.05572EPSS
Exploits2References10Affected Software1
UbuntuCve
UbuntuCve
added 2018/05/16 7:29 p.m.28 views

CVE-2017-17688

The OpenPGP specification allows a Cipher Feedback Mode CFB malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL. NOTE: third parties report that this is a problem in applications that mishandle the Modification Detection Code MDC feature or accept an obsolete...

5.9CVSS6.6AI score0.05572EPSS
Exploits2References2
Prion
Prion
added 2018/05/16 7:29 p.m.26 views

Design/Logic Flaw

The S/MIME specification allows a Cipher Block Chaining CBC malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL...

4.3CVSS5.8AI score0.04219EPSS
Exploits2References6Affected Software1
NVD
NVD
added 2018/05/16 7:29 p.m.28 views

CVE-2017-17688

The OpenPGP specification allows a Cipher Feedback Mode CFB malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL. NOTE: third parties report that this is a problem in applications that mishandle the Modification Detection Code MDC feature or accept an obsolete...

5.9CVSS6.5AI score0.05572EPSS
Exploits2References10
NVD
NVD
added 2018/05/16 7:29 p.m.24 views

CVE-2017-17689

The S/MIME specification allows a Cipher Block Chaining CBC malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL...

5.9CVSS6.5AI score0.04219EPSS
Exploits2References6
CVE
CVE
added 2018/05/16 7:0 p.m.108 views

CVE-2017-17688

CVE-2017-17688 concerns an OpenPGP CFB gadget/malleability attack (EFAIL) that can lead to plaintext exfiltration from encrypted emails. Connected advisories show Enigmail/OpenPGP patches (e.g., openSUSE SUSE/OpenSUSE-2019-368/395; Thunderbird enigmail updates) addressing this vulnerability by ti...

5.9CVSS5.7AI score0.05572EPSS
Exploits2References10Affected Software11
Cvelist
Cvelist
added 2018/05/16 7:0 p.m.37 views

CVE-2017-17689

The S/MIME specification allows a Cipher Block Chaining CBC malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL...

5.8AI score0.04219EPSS
Exploits2References6
Cvelist
Cvelist
added 2018/05/16 7:0 p.m.38 views

CVE-2017-17688

The OpenPGP specification allows a Cipher Feedback Mode CFB malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL. NOTE: third parties report that this is a problem in applications that mishandle the Modification Detection Code MDC feature or accept an obsolete...

5.8AI score0.05572EPSS
Exploits2References10
Debian CVE
Debian CVE
added 2018/05/16 7:0 p.m.29 views

CVE-2017-17688

The OpenPGP specification allows a Cipher Feedback Mode CFB malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL. NOTE: third parties report that this is a problem in applications that mishandle the Modification Detection Code MDC feature or accept an obsolete...

5.9CVSS6AI score0.05572EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2018/05/14 12:51 p.m.33 views

CVE-2017-17689

The S/MIME specification allows a Cipher Block Chaining CBC malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL. Mitigation The easiest way to mitigate this vulnerability is not to use HTML emails. If you really need to use them ensure that MUA clients disable...

7.5CVSS1.4AI score0.04219EPSS
Exploits2References2
Rows per page
Query Builder