PT-2008-5724 · Apple · Mail.App
Publicado
2008-10-08
·
Atualizado
2018-10-11
·
CVE-2008-4491
CVSS v2.0
5.0
Média
| Vetor | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
Apple Mail.app version 3.5
Description:
The issue allows server owners and remote man-in-the-middle attackers to read sensitive mail because draft copies of S/MIME email are stored in plaintext on the email server when "Store draft messages on the server" is enabled.
Recommendations:
For Apple Mail.app version 3.5, consider disabling the "Store draft messages on the server" option to prevent storing draft messages on the server until a fix is available.
Correção
Information Disclosure
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Mail.App