Your submission was sent successfully! Close

CVE-2014-3494

Published: 01 July 2014

kio/usernotificationhandler.cpp in the POP3 kioslave in kdelibs 4.10.95 before 4.13.3 does not properly generate warning notifications, which allows man-in-the-middle attackers to obtain sensitive information via an invalid certificate.

Priority

Medium

Status

Package Release Status
kde4libs
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 14.04 ESM (Trusty Tahr)
Released (4:4.13.1-0ubuntu0.2)