Sebastian Schinzel

**Nome do software vulnerável e versões afetadas** Versões do Fetchmail anteriores à 6.4.22 **Descrição** O problema está relacionado à falha do Fetchmail em aplicar a criptografia de sessão STARTTLS em determinadas circunstâncias, como com IMAP e PREAUTH. **Recomendações** Para versões anteriores à 6.4.22, atualize para a versão 6.4.22 ou posterior para resolver o problema.

**Nome do software vulnerável e versões afetadas** Versões do iOS anteriores à 15.2 Versões do iPadOS anteriores à 15.2 **Descrição** Existia uma falha no S/MIME no tratamento de e-mails criptografados, permitindo que um invasor pudesse recuperar o conteúdo em texto simples de um e-mail criptografado por S/MIME. Essa falha foi corrigida com a exclusão do carregamento automático de algumas partes MIME. **Recomendações** Para versões do iOS anteriores à 15.2, atualize para o iOS 15.2 ou posterior para resolver o problema. Para versões do iPadOS anteriores à 15.2, atualize para o iPadOS 15.2 ou posterior para resolver o problema.

**Nome do software vulnerável e versões afetadas** Versões do Exim até a 4.94.2 **Descrição** A vulnerabilidade está relacionada ao recurso STARTTLS do Exim, que permite a injeção de respostas durante o envio SMTP pelo MTA. Isso se deve à neutralização insuficiente de elementos especiais na solicitação. A exploração dessa vulnerabilidade pode permitir que um invasor remoto comprometa a integridade dos dados. **Recomendações** Para as versões do Exim até a 4.94.2, atualize para uma versão que contenha uma correção para este problema, a fim de impedir a injeção de respostas durante o envio SMTP do MTA. No momento, não há informações sobre uma versão mais recente que contenha uma correção para esta vulnerabilidade.

**Nome do software vulnerável e versões afetadas** Plataformas HTML do Windows (versões afetadas não especificadas) **Descrição** O problema está relacionado a erros no gerenciamento de privilégios dentro do componente Plataforma HTML do Windows do sistema operacional Windows. Isso pode permitir que um invasor remoto contorne as restrições de segurança existentes. **Recomendações** No momento, não há informações sobre uma versão mais recente que contenha uma correção para essa vulnerabilidade.

**Nome do software vulnerável e versões afetadas** Versões do Apache WSS4J anteriores à 1.6.5 JBossWS (versões afetadas não especificadas) Red Hat JBoss Business Rules Management System (versões afetadas não especificadas) Red Hat JBoss Enterprise Application Platform (versões afetadas não especificadas) Red Hat JBoss Enterprise SOA Platform (versões afetadas não especificadas) Redhat JBoss Enterprise Web Platform (versões afetadas não especificadas) Redhat JBoss Middleware (versões afetadas não especificadas) Redhat JBoss Portal (versões afetadas não especificadas) Redhat JBoss Web Services (versões afetadas não especificadas) Apache CXF (versões afetadas não especificadas) **Descrição** As implementações do mecanismo de transporte de chaves PKCS#1 v1.5 para XMLEncryption no software afetado são suscetíveis a um ataque Bleichenbacher, que é um tipo de ataque de texto cifrado escolhido. Essa vulnerabilidade permite que um invasor recupere a chave simétrica e realize novos ataques. O problema está relacionado ao uso de um protocolo de criptografia simétrica fraco. **Recomendações** Para versões do Apache WSS4J anteriores à 1.6.5, atualize para a versão 1.6.5 ou posterior. Para JBossWS, Redhat JBoss Business Rules Management System, Redhat JBoss Enterprise Application Platform, Redhat JBoss Enterprise SOA Platform, Redhat JBoss Enterprise Web Platform, Redhat JBoss Middleware, Redhat JBoss Portal, Redhat JBoss Web Services e Apache CXF, no momento, não há informações sobre uma versão mais recente que contenha uma correção para essa vulnerabilidade.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 10.15 **Description** An issue existed in the handling of links in encrypted PDFs, which could allow an attacker to exfiltrate the contents of an encrypted PDF. This issue was addressed by adding a confirmation prompt. **Recommendations** For versions prior to 10.15, update to macOS Catalina 10.15 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** TYPO3 versions prior to 4.3.12 TYPO3 versions 4.4.x prior to 4.4.9 TYPO3 versions 4.5.x prior to 4.5.4 **Description** The issue allows information disclosure on the backend. **Recommendations** For versions prior to 4.3.12, update to version 4.3.12 or later. For versions 4.4.x prior to 4.4.9, update to version 4.4.9 or later. For versions 4.5.x prior to 4.5.4, update to version 4.5.4 or later.

**Name of the Vulnerable Software and Affected Versions** TYPO3 versions prior to 4.3.12 TYPO3 versions 4.4.x prior to 4.4.9 TYPO3 versions 4.5.x prior to 4.5.4 **Description** The issue allows remote attackers to inject arbitrary web script or HTML via the admin panel, which is a result of a Cross-site Scripting (XSS) flaw. **Recommendations** For versions prior to 4.3.12, update to version 4.3.12 or later. For versions 4.4.x prior to 4.4.9, update to version 4.4.9 or later. For versions 4.5.x prior to 4.5.4, update to version 4.5.4 or later.

**Name of the Vulnerable Software and Affected Versions** TYPO3 versions 4.3.x through 4.3.11 TYPO3 versions 4.4.x through 4.4.8 TYPO3 versions 4.5.x through 4.5.3 **Description** The issue allows remote attackers to inject arbitrary web script or HTML via the `browse links` wizard, which is a type of Cross-site Scripting (XSS) attack. This occurs when an attacker sends malicious input to the application, which is then executed by the user's browser, potentially leading to unauthorized actions or data theft. **Recommendations** For versions 4.3.x through 4.3.11, update to version 4.3.12 or later. For versions 4.4.x through 4.4.8, update to version 4.4.9 or later. For versions 4.5.x through 4.5.3, update to version 4.5.4 or later.

**Name of the Vulnerable Software and Affected Versions** TYPO3 versions prior to 4.3.12 TYPO3 versions 4.4.x prior to 4.4.9 TYPO3 versions 4.5.x prior to 4.5.4 **Description** The issue allows remote attackers to inject arbitrary web script or HTML via the system extension recycler, which can lead to Cross-site Scripting (XSS) attacks. **Recommendations** For versions prior to 4.3.12, update to version 4.3.12 or later. For versions 4.4.x prior to 4.4.9, update to version 4.4.9 or later. For versions 4.5.x prior to 4.5.4, update to version 4.5.4 or later.

**Name of the Vulnerable Software and Affected Versions** TYPO3 versions prior to 4.3.12 TYPO3 versions 4.4.x prior to 4.4.9 TYPO3 versions 4.5.x prior to 4.5.4 **Description** The issue allows remote attackers to inject arbitrary web script or HTML via the tcemain flash message, which can lead to Cross-site Scripting (XSS) attacks. **Recommendations** For versions prior to 4.3.12, update to version 4.3.12 or later. For versions 4.4.x prior to 4.4.9, update to version 4.4.9 or later. For versions 4.5.x prior to 4.5.4, update to version 4.5.4 or later.

**Name of the Vulnerable Software and Affected Versions** TYPO3 versions prior to 4.5.4 **Description** The issue allows information disclosure in the backend. **Recommendations** For versions prior to 4.5.4, update to version 4.5.4 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** TYPO3 versions prior to 4.3.12 TYPO3 versions 4.4.x prior to 4.4.9 TYPO3 versions 4.5.x prior to 4.5.4 **Description** The issue allows remote attackers to extract arbitrary information from the TYPO3 database. **Recommendations** For versions prior to 4.3.12, update to version 4.3.12 or later. For versions 4.4.x prior to 4.4.9, update to version 4.4.9 or later. For versions 4.5.x prior to 4.5.4, update to version 4.5.4 or later.

**Name of the Vulnerable Software and Affected Versions** TYPO3 versions prior to 4.3.12 TYPO3 versions 4.4.x prior to 4.4.9 TYPO3 versions 4.5.x prior to 4.5.4 **Description** The issue allows remote attackers to delete arbitrary files on the web server. **Recommendations** For versions prior to 4.3.12, update to version 4.3.12 or later. For versions 4.4.x prior to 4.4.9, update to version 4.4.9 or later. For versions 4.5.x prior to 4.5.4, update to version 4.5.4 or later.

**Name of the Vulnerable Software and Affected Versions** TYPO3 versions prior to 4.3.12 TYPO3 versions 4.4.x prior to 4.4.9 TYPO3 versions 4.5.x prior to 4.5.4 **Description** The issue allows remote attackers to inject arbitrary web script or HTML. This is due to a Cross-site Scripting (XSS) flaw in the RemoveXSS function. **Recommendations** For versions prior to 4.3.12, update to version 4.3.12 or later. For versions 4.4.x prior to 4.4.9, update to version 4.4.9 or later. For versions 4.5.x prior to 4.5.4, update to version 4.5.4 or later.

**Name of the Vulnerable Software and Affected Versions** TYPO3 versions prior to 4.4.9 TYPO3 versions 4.5.x prior to 4.5.4 **Description** The issue allows remote attackers to retrieve ExtDirect endpoint services due to improper access control on ExtDirect calls. **Recommendations** For versions prior to 4.4.9, update to version 4.4.9 or later. For versions 4.5.x prior to 4.5.4, update to version 4.5.4 or later.

**Name of the Vulnerable Software and Affected Versions** Thunderbird versions prior to 60.9 Thunderbird versions prior to 68.1 **Description** The issue is related to the Secure/Multipurpose Internet Mail Extensions (S/MIME) functionality in the Thunderbird email client, specifically concerning the lack of protection for certain data. This could allow a remote attacker to gain unauthorized access to protected information. Additionally, it is noted that encrypted S/MIME parts in a crafted multipart/alternative message can leak plaintext when included in an HTML reply or forward. **Recommendations** For versions prior to 60.9, update to version 60.9 or later. For versions prior to 68.1, update to version 68.1 or later.

**Name of the Vulnerable Software and Affected Versions** Thunderbird versions prior to 52.9 **Description** The issue is related to the Secure/Multipurpose Internet Mail Extensions (S/MIME) function in the Thunderbird email client, which lacks protection for certain data. This can allow a remote attacker to gain unauthorized access to protected information when an email is forwarded or replied to. Specifically, decrypted S/MIME parts that are hidden using CSS or the plaintext HTML tag can leak plaintext when included in an HTML reply or forward. **Recommendations** For versions prior to 52.9, update to version 52.9 or later to resolve the issue. As a temporary workaround, consider avoiding the use of HTML replies or forwards for emails containing sensitive S/MIME-protected information until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Thunderbird versions prior to 52.9 **Description** The issue is related to the decryption of S/MIME parts in HTML messages, which can lead to plaintext leakage when included in a reply or forward. This is due to a lack of protection for certain data in the S/MIME and PGP functions of the Thunderbird email client. An attacker can exploit this issue by manipulating HTML messages to gain unauthorized access to protected information. **Recommendations** For versions prior to 52.9, update to version 52.9 or later to resolve the issue. As a temporary workaround, consider avoiding the use of HTML replies or forwards for sensitive messages until the update is applied. Restrict access to sensitive information when using the affected Thunderbird versions to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 11.4 macOS versions prior to 10.13.5 **Description** The issue involves the Mail component and allows remote attackers to read the cleartext content of S/MIME encrypted messages via direct exfiltration. **Recommendations** For iOS versions prior to 11.4, update to version 11.4 or later. For macOS versions prior to 10.13.5, update to version 10.13.5 or later.