5
CVE-2007-1137
- EPSS 0.89%
- Veröffentlicht 02.03.2007 21:18:00
- Zuletzt bearbeitet 16.06.2026 22:37:01
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
putmail.py in Putmail before 1.4 does not detect when a user attempts to use TLS with a server that does not support it, which causes putmail.py to send the username and password in plaintext while the user believes encryption is in use, and allows remote attackers to obtain sensitive information.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Sourceforge ≫ Putmail Version.8
Sourceforge ≫ Putmail Version.9
Sourceforge ≫ Putmail Version.10
Sourceforge ≫ Putmail Version.11
Sourceforge ≫ Putmail Version.12
Sourceforge ≫ Putmail Version1.0
Sourceforge ≫ Putmail Version1.1
Sourceforge ≫ Putmail Version1.2
Sourceforge ≫ Putmail Version1.3
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.89% | 0.545 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
http://osvdb.org/33764
http://putmail.sourceforge.net/home.html
http://secunia.com/advisories/24266
http://www.securityfocus.com/bid/22718
http://www.vupen.com/english/advisories/2007/0753
https://exchange.xforce.ibmcloud.com/vulnerabilities/32689