On 14 May 2018, at 14:36, Benny Kjær Nielsen wrote:
The worst type of exploit was a technique which allowed a man-in-the-middle attacker to take any encrypted email and then send an email to the author of this email which would effectively decrypt the email and send the result to a server, for example, using an `<img src>` HTML reference.
Just to be clear here, I find this particular bug embarrassing. It is somewhat related to how MailMate “primitively” handles displaying multiple email message parts. (Also note, that it only affects email for which image blocking was disabled.)
-- Benny https://freron.com/become_a_mailmate_patron/ _______________________________________________ mailmate mailing list mailmate@lists.freron.com https://lists.freron.com/listinfo/mailmate
