19 matches found
CVE-2026-2748
SEPPmail Secure Email Gateway before version 15.0.1 improperly validates S/MIME certificates issued for email addresses containing whitespaces, allowing signature spoofing...
EUVD-2020-12600
Malware in sbrugna...
EUVD-2018-16007
Malware in sbrugna...
EUVD-2019-18032
Malware in sbrugna...
CVE-2019-8642
An issue existed in the handling of S-MIME certificates. This issue was addressed with improved validation of S-MIME certificates. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. Processing a maliciously crafted mail message may...
Thunderbird: Revocation status of S/Mime recipient certificates was not checked
The Mozilla Foundation Security Advisory describes this flaw as: OCSP revocation status of recipient certificates was not checked when sending S/Mime encrypted email, and revoked certificates would be accepted. Thunderbird versions from 68 to 102.9.1 were affected by this bug...
Updated thunderbird packages fix security vulnerability
Fullscreen notification obscured. CVE-2023-29533 Double-free in libwebp. MFSA-TMP-2023-0001 Potential Memory Corruption following Garbage Collector compaction. CVE-2023-29535 Invalid free from JavaScript code. CVE-2023-29536 Revocation status of S/Mime recipient certificates was not checked...
CVE-2019-8642
An issue existed in the handling of S-MIME certificates. This issue was addressed with improved validation of S-MIME certificates. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. Processing a maliciously crafted mail message may...
CVE-2019-8642
An issue existed in the handling of S-MIME certificates. This issue was addressed with improved validation of S-MIME certificates. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. Processing a maliciously crafted mail message may...
The vulnerability of the CertificateResourceHandler function, which processes MIME certificates, allows a hacker to trigger a service failure or execute arbitrary code.
The vulnerability of the CertificateResourceHandler function, which processes MIME certificates, in Google Chrome browsers is related to buffer overflow attacks. Exploiting this vulnerability can allow an attacker to cause service failures or execute arbitrary code...
CVE-2020-12619
MailMate before 1.11 automatically imported S/MIME certificates and thereby silently replaced existing ones. This allowed a man-in-the-middle attacker to obtain an email-validated S/MIME certificate from a trusted CA and replace the public key of the entity to be impersonated. This enabled the...
Code injection
eM Client before 7.2.33412.0 automatically imported S/MIME certificates and thereby silently replaced existing ones. This allowed a man-in-the-middle attacker to obtain an email-validated S/MIME certificate from a trusted CA and replace the public key of the entity to be impersonated. This enable...
Code injection
MailMate before 1.11 automatically imported S/MIME certificates and thereby silently replaced existing ones. This allowed a man-in-the-middle attacker to obtain an email-validated S/MIME certificate from a trusted CA and replace the public key of the entity to be impersonated. This enabled the...
CVE-2018-4221
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. The issue involves the "Security" component. It allows web sites to track users by leveraging the transmission of S/MIME client certificates...
Apple iOS and macOS High Sierra Security S-MIME Certificate Handling Vulnerability
Apple iOS and macOS High Sierra are products of Apple Inc. Apple iOS is an operating system for mobile devices; macOS High Sierra is a specialized operating system for Mac computers. security is an information security and privacy component. Security is an information security and privacy...
CVE-2013-3870
Double free vulnerability in Microsoft Outlook 2007 SP3 and 2010 SP1 and SP2 allows remote attackers to execute arbitrary code by including many nested S/MIME certificates in an e-mail message, aka "Message Certificate Vulnerability."...
Double free
Double free vulnerability in Microsoft Outlook 2007 SP3 and 2010 SP1 and SP2 allows remote attackers to execute arbitrary code by including many nested S/MIME certificates in an e-mail message, aka "Message Certificate Vulnerability."...
CVE-2013-3870
Double free vulnerability in Microsoft Outlook 2007 SP3 and 2010 SP1 and SP2 allows remote attackers to execute arbitrary code by including many nested S/MIME certificates in an e-mail message, aka "Message Certificate Vulnerability."...
CVE-2013-3870
CVE-2013-3870 is a remote-code-execution vulnerability in Microsoft Outlook caused by a double-free in the S/MIME certificate parsing path. Affects Outlook 2007 SP3 and Outlook 2010 SP1/SP2 (Office/Outlook components). Exploitation could occur when processing specially crafted S/MIME email messag...