cpe:/a:9folders:nine:- cpe:/a:apple:mail:- cpe:/a:apple:mail:-::~~~iphone_os~~ cpe:/a:bloop:airmail:- cpe:/a:emclient:emclient:- cpe:/a:flipdogsolutions:maildroid:- cpe:/a:freron:mailmate:- cpe:/a:gnome:evolution:- cpe:/a:google:gmail:- cpe:/a:horde:horde_imp:- cpe:/a:ibm:notes:- cpe:/a:kde:kmail:- cpe:/a:kde:trojita:- cpe:/a:microsoft:outlook:2007 cpe:/a:microsoft:outlook:2010 cpe:/a:microsoft:outlook:2013 cpe:/a:microsoft:outlook:2016 cpe:/a:mozilla:thunderbird:- cpe:/a:postbox-inc:postbox:- cpe:/a:r2mail2:r2mail2:- cpe:/a:ritlabs:the_bat:- CVE-2017-17689 2018-05-16T15:29:00.303-04:00 2019-10-02T20:03:26.223-04:00 4.3 NETWORK MEDIUM NONE PARTIAL NONE NONE http://nvd.nist.gov 2018-06-25T09:38:12.417-04:00 BID 104165 MISC https://efail.de MISC https://news.ycombinator.com/item?id=17066419 MISC https://pastebin.com/gNCc8aYm MISC https://twitter.com/matthew_d_green/status/996371541591019520 CONFIRM https://www.synology.com/support/security/Synology_SA_18_22 The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL.