CVEs

Mitarbeiter des Lehrstuhls haben zahlreiche Schwachstellen gemeldet und bei der Behebung der Fehler geholfen.

Document Security, LibreOffice Content Spoofing and Code Execution: CVE-2021-25633, CVE-2021-25636
Document Security, LibreOffice XSW on Signature Timestamp: CVE-2021-25634
Document Security, LibreOffice Content Spoofing: CVE-2021-25635
Document Security, OpenOffice Content Spoofing and Code Execution: CVE-2021-41830
Document Security, OpenOffice XSW on Signature Timestamp: CVE-2021-41831
Document Security, OpenOffice Content Spoofing: CVE-2021-41832

PDF Security, Evil Annotation Attacks: CVE-2020-35931
LibreOffice URL Invocation, File Write Access and Code Execution: CVE-2020-12802, CVE-2020-12803
PDF Security, Arbitrary JavaScript Execution: CVE-2020-24432
PDF Security, Shadow Attack: CVE-2020-9592
PDF Security, Shadow Attack: CVE-2020-9596
Email Security, Information Disclosure with mailto: URLs: CVE-2020-4089, CVE-2020-11879, CVE-2020-11880, CVE-2020-27748
Email Security, Automatic Import of S/MIME Certificates: CVE-2020-12618, CVE-2020-12619
TLS, Raccoon Attack, Direct Oracle: CVE-2020-5929
TLS, Raccoon Attack, Timing Side-Channel: CVE-2020-1968, CVE-2020-12413, CVE-2020-1596

Email Security, More Direct Exfiltration Attacks: CVE-2019-11739, CVE-2019-14664.
Email Security, Covert Content Decryption Oracles: CVE-2019-10731, CVE-2019-10732, CVE-2019-10733, CVE-2019-10734, CVE-2019-10735, CVE-2019-10736, CVE-2019-10737, CVE-2019-10738, CVE-2019-10739, CVE-2019-10740, CVE-2019-10741
Email Security, Covert Content Signature Oracles: CVE-2019-10726, CVE-2019-10727, CVE-2019-10728, CVE-2019-10729, CVE-2019-10730
Email Security, Airmail Signature Verification Failure: CVE-2019-8338
Email Security, Enigmail PGP Signature Spoofing: CVE-2019-12269
#PDFex in Adobe (Acrobat) and Apple (macOS): CVE-2019-8237, CVE-2019-8772.