CVE-2017-9604

KDE kmail before 5.5.2 and messagelib before 5.5.2, as distributed in KDE Applications before 17.04.2, do not ensure that a plugin's sign/encrypt action occurs during use of the Send Later feature, which allows remote attackers to obtain sensitive information by sniffing the network.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:kde:messagelib:*:*:*:*:*:*:*:*
cpe:2.3:a:kde:kmail:*:*:*:*:*:*:*:*
cpe:2.3:o:kde:kde:17.04:*:*:*:*:*:*:*

Information

Published : 2017-06-13 06:29

Updated : 2019-10-02 17:03


NVD link : CVE-2017-9604

Mitre link : CVE-2017-9604


JSON object : View

CWE
CWE-311

Missing Encryption of Sensitive Data

Advertisement

dedicated server usa

Products Affected

kde

  • kmail
  • messagelib
  • kde