CVE-2014-3494

Published Jul 1, 2014

Last updated 3 months ago

CVSS info 4.3

Overview

Description: kio/usernotificationhandler.cpp in the POP3 kioslave in kdelibs 4.10.95 before 4.13.3 does not properly generate warning notifications, which allows man-in-the-middle attackers to obtain sensitive information via an invalid certificate.
Source: secalert@redhat.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-200

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:kde:kdelibs:4.10.97:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B34C3204-4A63-4490-ABED-AF83CE3F37E0"
          },
          {
            "criteria": "cpe:2.3:a:kde:kdelibs:4.11.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "39EAE85E-BF52-45EA-82D8-BBBC0DE9759C"
          },
          {
            "criteria": "cpe:2.3:a:kde:kdelibs:4.11.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4B4D1998-D62F-4D0E-8E6C-33D4760BE69D"
          },
          {
            "criteria": "cpe:2.3:a:kde:kdelibs:4.11.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "13CD2D8F-32F6-4AC4-B43C-506724EA6E38"
          },
          {
            "criteria": "cpe:2.3:a:kde:kdelibs:4.11.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4733C600-C5D6-4A5D-A1DF-1F41597F6926"
          },
          {
            "criteria": "cpe:2.3:a:kde:kdelibs:4.11.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BC7EBD3A-EDFC-4B8F-9095-5E0670AF991E"
          },
          {
            "criteria": "cpe:2.3:a:kde:kdelibs:4.11.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "55EC512F-3F86-40DA-AA7B-034DA9B5DBA3"
          },
          {
            "criteria": "cpe:2.3:a:kde:kdelibs:4.11.80:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "08FF236F-A7D5-4D08-8885-BD1889B0D398"
          },
          {
            "criteria": "cpe:2.3:a:kde:kdelibs:4.11.90:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5F5EDED4-34A3-4D2B-A9E7-D980D78E10EA"
          },
          {
            "criteria": "cpe:2.3:a:kde:kdelibs:4.11.95:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "46457BB9-BD24-4437-AFDA-01D25E52410E"
          },
          {
            "criteria": "cpe:2.3:a:kde:kdelibs:4.11.97:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "52A2D11C-26D2-47F1-9D34-60DB3116C39E"
          },
          {
            "criteria": "cpe:2.3:a:kde:kdelibs:4.12.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A58204C3-0DEC-462B-A6B8-5EC1D9B65729"
          },
          {
            "criteria": "cpe:2.3:a:kde:kdelibs:4.12.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C767A89D-BA45-4730-BA2D-AAC2BA7436E0"
          },
          {
            "criteria": "cpe:2.3:a:kde:kdelibs:4.12.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9A5FC4CC-DC0C-44D8-AAF6-A15CF7E6BD5C"
          },
          {
            "criteria": "cpe:2.3:a:kde:kdelibs:4.12.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "24629660-4066-4362-AD77-080604488303"
          },
          {
            "criteria": "cpe:2.3:a:kde:kdelibs:4.12.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "718095EE-ADEC-4E28-B678-DA3D636BBE32"
          },
          {
            "criteria": "cpe:2.3:a:kde:kdelibs:4.12.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EA3E3729-298F-43C3-9BE0-82072FE47F9B"
          },
          {
            "criteria": "cpe:2.3:a:kde:kdelibs:4.12.80:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B6FC3277-8410-437F-813A-63254E983A5F"
          },
          {
            "criteria": "cpe:2.3:a:kde:kdelibs:4.12.90:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "88E2B874-46DF-4A95-9541-14CF70E2A73D"
          },
          {
            "criteria": "cpe:2.3:a:kde:kdelibs:4.12.95:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1A593BA6-D3B2-48EE-AC9E-B84967D03B37"
          },
          {
            "criteria": "cpe:2.3:a:kde:kdelibs:4.12.97:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "14034B30-9DE0-43EE-A79D-D4FC624D6C86"
          },
          {
            "criteria": "cpe:2.3:a:kde:kdelibs:4.13.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2A34BC1E-102D-43EF-A7BD-46E9866B07ED"
          },
          {
            "criteria": "cpe:2.3:a:kde:kdelibs:4.13.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "90E66075-D997-4C6D-94AA-DE224B12BB2D"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References