CVE-2014-8878

Опубликовано: 28 сент. 2017

Источник: debian

EPSS Низкий

Описание

KDE KMail does not encrypt attachments in emails when "automatic encryption" is enabled, which allows remote attackers to obtain sensitive information by sniffing the network.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
kdepim	fixed	4:4.14.5-1		package
kdepim	no-dsa		jessie	package
kdepim	no-dsa		wheezy	package
kdepim	not-affected		squeeze	package

Примечания

https://bugs.kde.org/show_bug.cgi?id=340312
https://www.openwall.com/lists/oss-security/2015/07/15/5

EPSS

Процентиль: 51%

0.00284

Низкий

Связанные уязвимости

CVE-2014-8878

CVSS3: 5.9

ubuntu

больше 8 лет назад

KDE KMail does not encrypt attachments in emails when "automatic encryption" is enabled, which allows remote attackers to obtain sensitive information by sniffing the network.

CVE-2014-8878

redhat

больше 11 лет назад

KDE KMail does not encrypt attachments in emails when "automatic encryption" is enabled, which allows remote attackers to obtain sensitive information by sniffing the network.

CVE-2014-8878

CVSS3: 5.9

nvd

больше 8 лет назад

KDE KMail does not encrypt attachments in emails when "automatic encryption" is enabled, which allows remote attackers to obtain sensitive information by sniffing the network.

GHSA-67gw-pr7f-99hr

CVSS3: 5.9

github

больше 3 лет назад

KDE KMail does not encrypt attachments in emails when "automatic encryption" is enabled, which allows remote attackers to obtain sensitive information by sniffing the network.

EPSS

Процентиль: 51%

0.00284

Низкий