CVE-2018-15587 - Improper Verification of Cryptographic Signature

Severity

43%

Complexity

86%

Confidentiality

48%

GNOME Evolution through 3.28.2 is prone to OpenPGP signatures being spoofed for arbitrary messages using a specially crafted email that contains a valid signature from the entity to be impersonated as an attachment.

GNOME Evolution through 3.28.2 is prone to OpenPGP signatures being spoofed for arbitrary messages using a specially crafted email that contains a valid signature from the entity to be impersonated as an attachment.

CVSS 3.0 Base Score 6.5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N).

CVSS 2.0 Base Score 4.3. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N).

Demo Examples

Improper Verification of Cryptographic Signature

CWE-347

In the following code, a JarFile object is created from a downloaded file.


               
JarFile jf = new JarFile(f);

The JAR file that was potentially downloaded from an untrusted source is created without verifying the signature (if present). An alternate constructor that accepts a boolean verify parameter should be used instead.

Overview

First reported 6 years ago

2019-02-11 17:29:00

Last updated 5 years ago

2019-06-10 07:29:00

Affected Software

Debian Linux 8.0 (Jessie)

8.0

References

openSUSE-SU-2019:1431

openSUSE-SU-2019:1453

openSUSE-SU-2019:1528

http://packetstormsecurity.com/files/152703/Johnny-You-Are-Fired.html

Third Party Advisory, VDB Entry

20190430 OpenPGP and S/MIME signature forgery attacks in multiple email clients

Mailing List, Third Party Advisory

[oss-security] 20190430 Spoofing OpenPGP and S/MIME Signatures in Emails (multiple clients)

Mailing List, Third Party Advisory

https://bugzilla.gnome.org/show_bug.cgi?id=796424

Exploit, Issue Tracking, Vendor Advisory

https://github.com/RUB-NDS/Johnny-You-Are-Fired

https://github.com/RUB-NDS/Johnny-You-Are-Fired/blob/master/paper/johnny-fired.pdf

[debian-lts-announce] 20190426 [SECURITY] [DLA 1766-1] evolution security update

Mailing List, Third Party Advisory

20190609 [SECURITY] [DSA 4457-1] evolution security update

USN-3998-1

DSA-4457

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.