The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Nine | 9folders | - (including) | - (including) |
Apple | - (including) | - (including) | |
Airmail | Bloop | - (including) | - (including) |
Emclient | Emclient | - (including) | - (including) |
Maildroid | Flipdogsolutions | - (including) | - (including) |
Mailmate | Freron | - (including) | - (including) |
Evolution | Gnome | - (including) | - (including) |
Gmail | - (including) | - (including) | |
Horde_imp | Horde | - (including) | - (including) |
Notes | Ibm | - (including) | - (including) |
Kmail | Kde | - (including) | - (including) |
Trojita | Kde | - (including) | - (including) |
Outlook | Microsoft | 2007 (including) | 2007 (including) |
Outlook | Microsoft | 2010 (including) | 2010 (including) |
Outlook | Microsoft | 2013 (including) | 2013 (including) |
Outlook | Microsoft | 2016 (including) | 2016 (including) |
Thunderbird | Mozilla | - (including) | - (including) |
Postbox | Postbox-inc | - (including) | - (including) |
R2mail2 | R2mail2 | - (including) | - (including) |
The_bat | Ritlabs | - (including) | - (including) |