CVE-2014-5369 on Ubuntu 12.04 LTS (precise) - low.
Description:
Enigmail 1.7.x before 1.7.2 sends emails in plaintext when encryption is enabled and only BCC recipients are specified, which allows remote attackers to obtain sensitive information by sniffing the network.