CVE-2017-17843 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2017-17843 Interim 1 5 2022-09-18T00:38:34Z current 2021-05-30T14:05:05Z 2022-09-18T00:38:34Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2017-17843 An issue was discovered in Enigmail before 1.9.9 that allows remote attackers to trigger use of an intended public key for encryption, because incorrect regular expressions are used for extraction of an e-mail address from a comma-separated list, as demonstrated by a modified Full Name field and a homograph attack, aka TBE-01-002. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Workstation Extension 15 SP2 SUSE Linux Enterprise Workstation Extension 15 SP2 SUSE Linux Enterprise Workstation Extension 15 SP2 enigmail enigmail as a component of SUSE Linux Enterprise Workstation Extension 15 SP2 An issue was discovered in Enigmail before 1.9.9 that allows remote attackers to trigger use of an intended public key for encryption, because incorrect regular expressions are used for extraction of an e-mail address from a comma-separated list, as demonstrated by a modified Full Name field and a homograph attack, aka TBE-01-002. CVE-2017-17843 SUSE Linux Enterprise Workstation Extension 15 SP2:enigmail important 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N 5.9 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N