6 matches found
CVE-2017-17689
CVE-2017-17689 arises from S/MIME CBC gadget attacks (EFAIL) that can lead to plaintext exfiltration. Connected sources show this affecting KDE PIM/KMail components and related mail tooling across Linux/macOS ecosystems, with public advisories describing how S/MIME/CBC malleability could leak pla...
CVE-2017-17688
CVE-2017-17688 concerns an OpenPGP CFB gadget/malleability attack (EFAIL) that can lead to plaintext exfiltration from encrypted emails. Connected advisories show Enigmail/OpenPGP patches (e.g., openSUSE SUSE/OpenSUSE-2019-368/395; Thunderbird enigmail updates) addressing this vulnerability by ti...
CVE-2005-2512
The CVE-2005-2512 entry concerns Mail.app on macOS 10.4.2 and earlier. The issue: when printing or forwarding an HTML message, Mail.app loads remote images even if the user’s preferences say otherwise, creating a potential privacy leak. The connected documents confirm the affected product and the...
CVE-2008-0039
CVE-2008-0039 affects Apple Mail on Mac OS X (noted for 10.4.11) with a remote command execution risk via a crafted file:// URL in email content. Connected sources also reference Mac OS X 10.5.x security updates and an update (SecUpdate 2008-001) as remediation; some entries describe broader Mac ...
CVE-2008-4491
CVE-2008-4491 affects Apple Mail.app 3.5 on Mac OS X. When “Store draft messages on the server” is enabled, draft copies of S/MIME mail are stored in plaintext on the mail server, allowing server admins and remote MITM attackers to read sensitive mail. The provided documents do not include exploi...
CVE-2010-3887
The CVE-2010-3887 issue affects the Limit Mail feature in the Parental Controls of Mail on Apple Mac OS X. Root cause: the correspondence whitelist is not properly enforced. Impact: remote attackers could bypass access restrictions and conduct e-mail communication by knowing a child’s and a paren...