CVE-2019-11755
CVSS v3.1
7.5 (High)
CVSS v2.0
5 (Medium)
EPSS
0.64 % (80th)
Affected Products
1
Advisories
7
A crafted S/MIME message consisting of an inner encryption layer and an outer SignedData layer was shown as having a valid digital signature, although the signer might have had no access to the contents of the encrypted message, and might have stripped a different signature from the encrypted message. Previous versions had only suppressed showing a digital signature for messages with an outer multipart/signed layer. This vulnerability affects Thunderbird < 68.1.1.
Weaknesses
- CWE-347
- Improper Verification of Cryptographic Signature
- CVE Status
- PUBLISHED
- CNA
- Mozilla Corporation
- Published Date
-
2019-09-27 18:15:14
(5 years ago) - Updated Date
-
2020-08-24 17:37:01
(4 years ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...