Claws Mail before 3.17.6 Insufficient Information Vulnerability

Summary

Claws Mail before 3.17.6 suffers from insufficient information vulnerability

Credit:

The information has been provided by Vendor

The original article can be found at:https://git.claws-mail.org/?p=claws.git;a=blob;f=RELEASE_NOTES


Details

Common/session.c in Claws Mail before 3.17.6 has a protocol violation because suffix data after STARTTLS is mishandled.

 

Vulnerable Systems:

Claws Mail before 3.17.6

 

CVE Information:

CVE-2020-15917

 

Disclosure Timeline:
Published Date:7/23/2020

Categories: FeaturedNews