Enigmail before 2.0.11 allows PGP signature spoofing: for an inline PGP message, an attacker can cause the product to display a "correctly signed" message indication, but display different unauthenticated text.
References
Configurations
History
07 Nov 2023, 03:03
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2019-05-21 20:29
Updated : 2024-02-28 17:08
NVD link : CVE-2019-12269
Mitre link : CVE-2019-12269
CVE.ORG link : CVE-2019-12269
JSON object : View
Products Affected
enigmail
- enigmail
CWE
CWE-347
Improper Verification of Cryptographic Signature