CVE-2014-3494

kio/usernotificationhandler.cpp in the POP3 kioslave in kdelibs 4.10.95 before 4.13.3 does not properly generate warning notifications, which allows man-in-the-middle attackers to obtain sensitive information via an invalid certificate.
Configurations

Configuration 1 (hide)

cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:kde:kdelibs:4.10.97:*:*:*:*:*:*:*
cpe:2.3:a:kde:kdelibs:4.11.0:*:*:*:*:*:*:*
cpe:2.3:a:kde:kdelibs:4.11.1:*:*:*:*:*:*:*
cpe:2.3:a:kde:kdelibs:4.11.2:*:*:*:*:*:*:*
cpe:2.3:a:kde:kdelibs:4.11.3:*:*:*:*:*:*:*
cpe:2.3:a:kde:kdelibs:4.11.4:*:*:*:*:*:*:*
cpe:2.3:a:kde:kdelibs:4.11.5:*:*:*:*:*:*:*
cpe:2.3:a:kde:kdelibs:4.11.80:*:*:*:*:*:*:*
cpe:2.3:a:kde:kdelibs:4.11.90:*:*:*:*:*:*:*
cpe:2.3:a:kde:kdelibs:4.11.95:*:*:*:*:*:*:*
cpe:2.3:a:kde:kdelibs:4.11.97:*:*:*:*:*:*:*
cpe:2.3:a:kde:kdelibs:4.12.0:*:*:*:*:*:*:*
cpe:2.3:a:kde:kdelibs:4.12.1:*:*:*:*:*:*:*
cpe:2.3:a:kde:kdelibs:4.12.2:*:*:*:*:*:*:*
cpe:2.3:a:kde:kdelibs:4.12.3:*:*:*:*:*:*:*
cpe:2.3:a:kde:kdelibs:4.12.4:*:*:*:*:*:*:*
cpe:2.3:a:kde:kdelibs:4.12.5:*:*:*:*:*:*:*
cpe:2.3:a:kde:kdelibs:4.12.80:*:*:*:*:*:*:*
cpe:2.3:a:kde:kdelibs:4.12.90:*:*:*:*:*:*:*
cpe:2.3:a:kde:kdelibs:4.12.95:*:*:*:*:*:*:*
cpe:2.3:a:kde:kdelibs:4.12.97:*:*:*:*:*:*:*
cpe:2.3:a:kde:kdelibs:4.13.0:*:*:*:*:*:*:*
cpe:2.3:a:kde:kdelibs:4.13.1:*:*:*:*:*:*:*

History

No history.

Information

Published : 2014-07-01 16:55

Updated : 2024-02-04 18:35


NVD link : CVE-2014-3494

Mitre link : CVE-2014-3494

CVE.ORG link : CVE-2014-3494


JSON object : View

Products Affected

kde

  • kdelibs

opensuse

  • opensuse
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor