CVEs-PoC/2017/CVE-2017-17688.md at main

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-04-21 18:16:01 +02:00

Files

T

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

1023 B

Raw Permalink Blame History

CVE-2017-17688

Description

The OpenPGP specification allows a Cipher Feedback Mode (CFB) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL. NOTE: third parties report that this is a problem in applications that mishandle the Modification Detection Code (MDC) feature or accept an obsolete packet type, not a problem in the OpenPGP specification

POC

Reference

https://www.patreon.com/posts/cybersecurity-15-18814817

Github

https://github.com/badigervijay/AI-Based-Threat-Intelligence-Platform
https://github.com/giterlizzi/secdb-feeds
https://github.com/hannob/pgpbugs
https://github.com/jaads/Efail-malleability-gadget-exploit

1023 B Raw Permalink Blame History

CVE-2017-17688

Description

POC

Reference

Github

1023 B

Raw Permalink Blame History