Information Disclosure Vulnerability in Apple Mail.app on Mac OS X
CVE-2008-4491

Currently unrated

Key Information:

Vendor: Apple
Status: Mail
Vendor: CVE Published:; 8 October 2008

What is CVE-2008-4491?

Apple Mail.app version 3.5 on Mac OS X contains a vulnerability that results in the inadvertent storage of draft S/MIME email messages in plaintext on the email server. This occurs when the 'Store draft messages on the server' feature is enabled, allowing attackers and server administrators to access sensitive email contents. Consequently, the vulnerability poses a serious risk to user privacy, potentially leading to unauthorized viewing of confidential emails.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/45688

vdb-entryx_refsource_XF

http://resources.enablesecurity.com/advisories/apple-mail...

x_refsource_MISC

http://www.securityfocus.com/bid/31598

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 8, 2008
Vulnerability Reserved
Oct 8, 2008