What is the vulnerability ID of this issue?

The vulnerability ID of this issue is CVE-2017-7078.

Which Apple products are affected by this vulnerability?

iOS before 11 and macOS before 10.13 are affected by this vulnerability.

What is the severity rating of CVE-2017-7078?

The severity rating of CVE-2017-7078 is medium with a severity value of 5.3.

How can an attacker exploit this vulnerability?

An attacker can exploit this vulnerability by reading unintended cleartext transmissions in the "Mail Drafts" component.

Where can I find more information about this vulnerability?

You can find more information about this vulnerability at the following references: [SecurityFocus](http://www.securityfocus.com/bid/100999), [SecurityTracker](http://www.securitytracker.com/id/1039427), and [Apple Support](https://support.apple.com/HT208112).

Vulnerability/
CVE-2017-7078

medium

5.3

CWE

319

19/9/2017

23/10/2017

27/7/2020

CVE-2017-7078

First published: Tue Sep 19 2017(Updated: )

Mail Drafts. An encryption issue existed in the handling of mail drafts. This issue was addressed with improved handling of mail drafts meant to be sent encrypted.

Credit: Petter Flink Pierre ALBARÈDE Marseillean anonymous researcher Petter Flink Pierre ALBARÈDE Marseillean anonymous researcher product-security@apple.com

Affected Software	Affected Version	How to fix
Apple iPhone OS	<=10.3.3
Apple Mac OS X	<=10.12.6
Apple iOS	<11	11
Apple macOS High Sierra	<10.13	10.13

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

Peer vulnerabilities

(Found alongside the following vulnerabilities)

CVE-2017-13832
CVE-2017-13863
CVE-2017-7131
CVE-2017-13829
CVE-2017-13833
CVE-2017-7083
CVE-2017-13821
CVE-2017-0381
CVE-2017-13825
CVE-2017-7088
CVE-2017-13815
CVE-2017-13828
CVE-2017-11103
CVE-2017-13830
CVE-2017-7072
CVE-2017-13814
CVE-2017-13831
CVE-2017-7114
CVE-2017-13817
CVE-2017-13818
CVE-2017-13836
CVE-2017-13841
CVE-2017-13840
CVE-2017-13842
CVE-2017-13843
CVE-2017-13854
CVE-2017-13834
CVE-2017-13873
CVE-2017-7140
CVE-2017-13813
CVE-2017-13816
CVE-2017-13812
CVE-2017-7086
CVE-2017-1000373
CVE-2016-9063
CVE-2017-9233
CVE-2017-7376
CVE-2017-5130
CVE-2017-9050
CVE-2017-9049
CVE-2018-4302
CVE-2017-7148
CVE-2017-7078
CVE-2017-7097
CVE-2017-7118
CVE-2017-7133
CVE-2017-7075
CVE-2017-7139
CVE-2017-13806
CVE-2017-13822
CVE-2017-7132
CVE-2017-7085
CVE-2017-13877
CVE-2017-7080
CVE-2017-7146
CVE-2017-10989
CVE-2017-7128
CVE-2017-7129
CVE-2017-7130
CVE-2017-7127
CVE-2017-6211
CVE-2017-7145
CVE-2017-7081
CVE-2017-7087
CVE-2017-7091
CVE-2017-7092
CVE-2017-7093
CVE-2017-7094
CVE-2017-7095
CVE-2017-7096
CVE-2017-7098
CVE-2017-7099
CVE-2017-7100
CVE-2017-7102
CVE-2017-7104
CVE-2017-7107
CVE-2017-7111
CVE-2017-7117
CVE-2017-7120
CVE-2017-7089
CVE-2017-7090
CVE-2017-7106
CVE-2017-7109
CVE-2017-7144
CVE-2017-7142
CVE-2017-11120
CVE-2017-11121
CVE-2017-7103
CVE-2017-7105
CVE-2017-7108
CVE-2017-7110
CVE-2017-7112
CVE-2017-7115
CVE-2017-7116
CVE-2017-11122
CVE-2016-9840
CVE-2016-9841
CVE-2016-9842
CVE-2016-9843
CVE-2016-0736
CVE-2016-2161
CVE-2016-5387
CVE-2016-8740
CVE-2016-8743
CVE-2017-13909
CVE-2017-13809
CVE-2017-7084
CVE-2017-7074
CVE-2017-13820
CVE-2017-13807
CVE-2017-7143
CVE-2017-13890
CVE-2017-13851
CVE-2017-7138
CVE-2017-7121
CVE-2017-7122
CVE-2017-7123
CVE-2017-7124
CVE-2017-7125
CVE-2017-7126
CVE-2017-13811
CVE-2017-13835
CVE-2017-13819
CVE-2017-13837
CVE-2017-13906
CVE-2017-7077
CVE-2017-7119
CVE-2017-13810
CVE-2017-13782
CVE-2017-13827
CVE-2016-4736
CVE-2017-7141
CVE-2017-6451
CVE-2017-6452
CVE-2017-6455
CVE-2017-6458
CVE-2017-6459
CVE-2017-6460
CVE-2017-6462
CVE-2017-6463
CVE-2017-6464
CVE-2016-9042
CVE-2017-13824
CVE-2017-13846
CVE-2017-10140
CVE-2017-13823
CVE-2017-13808
CVE-2017-13838
CVE-2017-7082
CVE-2017-13908
CVE-2017-13839
CVE-2017-13910

Frequently Asked Questions

What is the vulnerability ID of this issue?
The vulnerability ID of this issue is CVE-2017-7078.
Which Apple products are affected by this vulnerability?
iOS before 11 and macOS before 10.13 are affected by this vulnerability.
What is the severity rating of CVE-2017-7078?
The severity rating of CVE-2017-7078 is medium with a severity value of 5.3.
How can an attacker exploit this vulnerability?
An attacker can exploit this vulnerability by reading unintended cleartext transmissions in the "Mail Drafts" component.
Where can I find more information about this vulnerability?
You can find more information about this vulnerability at the following references: [SecurityFocus](http://www.securityfocus.com/bid/100999), [SecurityTracker](http://www.securitytracker.com/id/1039427), and [Apple Support](https://support.apple.com/HT208112).

agent/author
agent/description
agent/event
agent/first-publish-date
agent/last-modified-date
agent/references
agent/severity
agent/softwarecombine
agent/tags
agent/type
agent/weakness
collector/apple-support
agent/software-canonical-lookup-request
collector/nvd-index
vendor/apple
canonical/apple ios
canonical/apple macos high sierra
canonical/apple iphone os
version/apple iphone os/10.3.3
canonical/apple mac os x
version/apple mac os x/10.12.6

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.