CVE-2017-17688

** DISPUTED ** The OpenPGP specification allows a Cipher Feedback Mode (CFB) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL. NOTE: third parties report that this is a problem in applications that mishandle the Modification Detection Code (MDC) feature or accept an obsolete packet type, not a problem in the OpenPGP specification.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:apple:mail:-:*:*:*:*:*:*:*
cpe:2.3:a:apple:mail:-:*:*:*:*:iphone_os:*:*
cpe:2.3:a:bloop:airmail:-:*:*:*:*:*:*:*
cpe:2.3:a:emclient:emclient:-:*:*:*:*:*:*:*
cpe:2.3:a:flipdogsolutions:maildroid:-:*:*:*:*:*:*:*
cpe:2.3:a:freron:mailmate:-:*:*:*:*:*:*:*
cpe:2.3:a:horde:horde_imp:-:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:outlook:2007:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:-:*:*:*:*:*:*:*
cpe:2.3:a:postbox-inc:postbox:-:*:*:*:*:*:*:*
cpe:2.3:a:r2mail2:r2mail2:-:*:*:*:*:*:*:*
cpe:2.3:a:roundcube:webmail:-:*:*:*:*:*:*:*

Information

Published : 2018-05-16 19:29

Updated : 2019-10-03 00:03


NVD link : CVE-2017-17688

Mitre link : CVE-2017-17688


JSON object : View

Products Affected

flipdogsolutions

  • maildroid

roundcube

  • webmail

apple

  • mail

emclient

  • emclient

bloop

  • airmail

horde

  • horde_imp

freron

  • mailmate

mozilla

  • thunderbird

postbox-inc

  • postbox

microsoft

  • outlook

r2mail2

  • r2mail2