CVE-2014-3494

kio/usernotificationhandler.cpp in the POP3 kioslave in kdelibs 4.10.95 before 4.13.3 does not properly generate warning notifications, which allows man-in-the-middle attackers to obtain sensitive information via an invalid certificate.

Published: Jul 1, 2014
Updated: Apr 13, 2023
CVE: CVE-2014-3494
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:P/I:N/A:N

CWEs:

CWE-200

Affected Software
References

Software	From	Fixed in
opensuse / opensuse	13.1	13.1.x
kde / kdelibs	4.11.4	4.11.4.x
kde / kdelibs	4.10.97	4.10.97.x
kde / kdelibs	4.12.3	4.12.3.x
kde / kdelibs	4.12.1	4.12.1.x
kde / kdelibs	4.11.90	4.11.90.x
kde / kdelibs	4.12.90	4.12.90.x
kde / kdelibs	4.12.97	4.12.97.x
kde / kdelibs	4.11.2	4.11.2.x
kde / kdelibs	4.13.0	4.13.0.x
kde / kdelibs	4.11.5	4.11.5.x
kde / kdelibs	4.12.0	4.12.0.x
kde / kdelibs	4.12.2	4.12.2.x
kde / kdelibs	4.11.1	4.11.1.x
kde / kdelibs	4.12.80	4.12.80.x
kde / kdelibs	4.11.95	4.11.95.x
kde / kdelibs	4.11.80	4.11.80.x
kde / kdelibs	4.11.3	4.11.3.x
kde / kdelibs	4.12.5	4.12.5.x
kde / kdelibs	4.11.97	4.11.97.x
kde / kdelibs	4.11.0	4.11.0.x
kde / kdelibs	4.13.1	4.13.1.x
kde / kdelibs	4.12.4	4.12.4.x
kde / kdelibs	4.12.95	4.12.95.x

Vulnerability Database

289,697

CVE-2014-3494