RSS   Vulnerabilities for 'Horde imp'   RSS

2018-05-16
 
CVE-2017-17689

CWE-noinfo
 

 
The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL.

 
 
CVE-2017-17688

CWE-noinfo
 

 
** DISPUTED ** The OpenPGP specification allows a Cipher Feedback Mode (CFB) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL. NOTE: third parties report that this is a problem in applications that mishandle the Modification Detection Code (MDC) feature or accept an obsolete packet type, not a problem in the OpenPGP specification.

 

 >>> Vendor: Horde 32 Products
Horde
IMP
Application framework
Passwd
Kronolith
Turba
Accounts
Chora
Forwards
Mnemo
Vaction
NAG
Kronolith h3
Horde application framework
Nag task list manager h3
Turba h3
Ingo h3
Groupware
Framework
Groupware webmail edition
Turba contact manager
Turba contact manager h3
Mnemo h3
Nag h3
Horde groupware
Gollem
Dynamic imp
Kronolith h4
Internet mail program
Horde image api
Horde image
Horde imp


Copyright 2019, cxsecurity.com

 

Back to Top