Mail in Apple OS X before 10.11 does not properly recognize user preferences, which allows attackers to obtain sensitive information via an unspecified action during the printing of an e-mail message, a different vulnerability than CVE-2015-7760. The issue involves the "Mail" component, which does not alert the user to an S/MIME email signature that used a revoked certificate. Mail in Apple iOS before 10 mishandles certificates, which makes it easier for man-in-the-middle attackers to discover mail credentials via unspecified vectors.Īn issue was discovered in certain Apple products.
The issue involves the "Mail" component, which allows remote web servers to cause a denial of service via a crafted URL. It allows man-in-the-middle attackers to read e-mail content by leveraging mishandling of S/MIME credential encryption.Īn issue was discovered in certain Apple products. The issue involves the "Mail Drafts" component. It allows remote attackers to read cleartext e-mail content (for which S/MIME encryption was intended) by leveraging the lack of installation of an S/MIME certificate by the recipient.Īn issue was discovered in certain Apple products. It might allow remote attackers to bypass an intended encryption protection mechanism by leveraging incorrect S/MIME certificate selection.Īn issue was discovered in certain Apple products. It allows remote attackers to obtain sensitive information by reading unintended cleartext transmissions.Īn issue was discovered in certain Apple products. It allows attackers to cause a denial of service (memory corruption) via a crafted image.Īn issue was discovered in certain Apple products. The issue involves the "Mail MessageUI" component. It allows remote attackers to bypass an intended off value of the "Load remote content in messages" setting, and consequently discover an e-mail recipient's IP address, via an HTML email message.Īn issue was discovered in certain Apple products. It allows remote attackers to spoof the address bar via a crafted web site.Īn issue was discovered in certain Apple products.
The issue involves the "Mail Message Framework" component.
It allows man-in-the-middle attackers to read S/MIME encrypted message content by sending HTML e-mail that references remote resources but lacks a valid S/MIME signature.Īn issue was discovered in certain Apple products. It allows man-in-the-middle attackers to read S/MIME encrypted messages by leveraging an inconsistency in the user interface.Īn issue was discovered in certain Apple products. It allows remote attackers to read the cleartext content of S/MIME encrypted messages via direct exfiltration.Īn issue was discovered in certain Apple products. An issue was discovered in certain Apple products.
0 kommentar(er)
