CVSS: 5.9EPSS: 1%CPEs: 12EXPL: 1CVE-2017-17688
https://notcve.org/view.php?id=CVE-2017-17688
16 May 2018 — The OpenPGP specification allows a Cipher Feedback Mode (CFB) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL. NOTE: third parties report that this is a problem in applications that mishandle the Modification Detection Code (MDC) feature or accept an obsolete packet type, not a problem in the OpenPGP specification ** EN DISPUTA ** La especificación OpenPGP permite un ataque malleability-gadget Cipher Feedback Mode (CFB) que puede conducir indirectamente a la exfiltra... • http://flaked.sockpuppet.org/2018/05/16/a-unified-timeline.html •
CVSS: 5.9EPSS: 0%CPEs: 21EXPL: 1CVE-2017-17689 – Debian Security Advisory 4244-1
https://notcve.org/view.php?id=CVE-2017-17689
16 May 2018 — The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL. La especificación S/MIME permite un ataque malleability-gadget Cipher Block Chaining (CBC) que puede conducir indirectamente a la exfiltración en texto plano. Esto también se conoce como EFAIL. Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code, denial of service or attacks on encrypted emails. • http://www.securityfocus.com/bid/104165 •