I just want to make sure I understand this.
The problem is this:
Alice sends Bob an encrypted and signed message.
Bob decrypts the message, and then does byte-surgery to construct a
plaintext clearsigned message that the signature verifies, and anyone in the
world can read.
This is the "attack," right?
Jon