Unrated severityNVD Advisory· Published May 21, 2019· Updated Aug 4, 2024
CVE-2019-12269
CVE-2019-12269
Description
Enigmail before 2.0.11 allows PGP signature spoofing: for an inline PGP message, an attacker can cause the product to display a "correctly signed" message indication, but display different unauthenticated text.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
8- Enigmail/Enigmaildescription
- osv-coords6 versionspkg:rpm/opensuse/enigmail&distro=openSUSE%20Leap%2015.0pkg:rpm/opensuse/enigmail&distro=openSUSE%20Leap%2015.1pkg:rpm/opensuse/enigmail&distro=openSUSE%20Tumbleweedpkg:rpm/suse/enigmail&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015pkg:rpm/suse/enigmail&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP1pkg:rpm/suse/enigmail&distro=SUSE%20Package%20Hub%2012
< 2.0.11-31.1+ 5 more
- (no CPE)range: < 2.0.11-31.1
- (no CPE)range: < 2.0.11-31.1
- (no CPE)range: < 2.2.4-1.4
- (no CPE)range: < 2.0.11-3.16.1
- (no CPE)range: < 2.0.11-3.16.1
- (no CPE)range: < 2.0.11-31.1
Patches
Vulnerability mechanics
References
6- lists.opensuse.org/opensuse-security-announce/2019-06/msg00061.htmlmitrevendor-advisoryx_refsource_SUSE
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVNTEF3WSOOQYKMIPEH7F77UPXES5BU5/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CYWBJHSBBLAHKMRWDWH2XXQDYAGDHB5I/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GHC5WDQ47FQSL5CTGQUYIHVC3RNZ7UH5/mitrevendor-advisoryx_refsource_FEDORA
- sourceforge.net/p/enigmail/bugs/983/mitrex_refsource_MISC
- www.enigmail.net/index.php/en/download/changelogmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.