CVE Vulnerability

CVE-2008-4491

Apple Mail.app 3.5 on Mac OS X, when "Store draft messages on the server" is enabled, stores draft copies of S/MIME email in plaintext on the email server, which allows server owners and remote man-in-the-middle attackers to read sensitive mail.

5 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 10 / Impact : 2.9

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

Scope

References
Link Resource
http://resources.enablesecurity.com/advisories/apple-mailapp-smime.txt
http://www.securityfocus.com/bid/31598
http://enablesecurity.com/2008/10/03/apple-mailapp-security-advisory/
http://securityreason.com/securityalert/4363
http://www.securitytracker.com/id?1021019
https://exchange.xforce.ibmcloud.com/vulnerabilities/45688
http://www.securityfocus.com/archive/1/497057/100/0/threaded
Configurations

Configuration 1
Information

Published : 2008-10-08 06:00

Updated : 2018-10-11 08:52

NVD link : CVE-2008-4491

Mitre link : CVE-2008-4491

Products Affected
No products.
CWE
CWE-200