Vulnerability Description
KMail 1.7.1 in KDE 3.3.2 allows remote attackers to spoof email information, such as whether the email has been digitally signed or encrypted, via HTML formatted email.
CVSS Score
5.0
MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Kmail | Kmail | 1.7.1 |
| Kde | Kde | 3.3.2 |
References
- http://bugs.kde.org/show_bug.cgi?id=96020ExploitPatchVendor Advisory
- http://mail.kde.org/pipermail/kmail-devel/2005-February/015490.htmlVendor Advisory
- http://secunia.com/advisories/14925Vendor Advisory
- http://www.securiteam.com/unixfocus/5GP0B0AFFE.htmlExploitPatchVendor Advisory
- http://bugs.kde.org/show_bug.cgi?id=96020ExploitPatchVendor Advisory
- http://mail.kde.org/pipermail/kmail-devel/2005-February/015490.htmlVendor Advisory
- http://secunia.com/advisories/14925Vendor Advisory
- http://www.securiteam.com/unixfocus/5GP0B0AFFE.htmlExploitPatchVendor Advisory
FAQ
What is CVE-2005-0404?
CVE-2005-0404 is a vulnerability with a CVSS score of 5.0 (MEDIUM). KMail 1.7.1 in KDE 3.3.2 allows remote attackers to spoof email information, such as whether the email has been digitally signed or encrypted, via HTML formatted email.
How severe is CVE-2005-0404?
CVE-2005-0404 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-0404?
Check the references section above for vendor advisories and patch information. Affected products include: Kmail Kmail, Kde Kde.