The OpenConnectionTask::handleStateHelper function in Imap/Tasks/OpenConnectionTask.cpp in Trojita prior to 0.4.1 allows man-in-the-middle malicious users to trigger use of cleartext for saving a message into a (1) sent or (2) draft folder via a PREAUTH response that prevents later use of the STARTTLS command.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
trojita project trojita 0.3.96 |
||
trojita project trojita 0.3.93 |
||
trojita project trojita 0.3.92 |
||
trojita project trojita 0.3.91 |
||
trojita project trojita |
||
trojita project trojita 0.3.90 |
||
trojita project trojita 0.2.9.4 |
||
trojita project trojita 0.2.9.2 |
||
trojita project trojita 0.2.9.1 |
||
trojita project trojita 0.2.9 |
||
trojita project trojita 0.2 |
||
trojita project trojita 0.3 |
||
trojita project trojita 0.2.9.3 |
||
trojita project trojita 0.1 |