18 matches found
EUVD-2017-18535
Malware in sbrugna...
RHEL 6 : kdepim (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - kmail: Send Later with Delay bypasses OpenPGP CVE-2017-9604 - KDE KMail does not encrypt attachments in...
SUSE CVE-2017-9604
KDE kmail before 5.5.2 and messagelib before 5.5.2, as distributed in KDE Applications before 17.04.2, do not ensure that a plugin's sign/encrypt action occurs during use of the Send Later feature, which allows remote attackers to obtain sensitive information by sniffing the network...
Updated kmail(kdepimlibs4) packages fix security vulnerability and bugs
The kdepimlibs4, kdepim4, kdepim4-runtime, and akonadi packages have been updated to include the latest bug fixes from upstream. This includes a fix for an issue where the Send Later function in kmail would cause an e-mail that had been designated to be sent encrypted would be sent in plain text...
openSUSE Security Update : kdepim4 (openSUSE-2017-755)
This update for kdepim4 fixes the following issues : - CVE-2017-9604: The kmail 'send later' function does not have 'sign/encryption' action ensured. boo1044210 The package kdepim-addons was updated to conflict with 4.x based akonadi package to prevent file conflicts. boo1045936 %NASLMINLEVEL 703...
OPENSUSE-SU-2017:1756-1 Security update for kdepim, messagelib
This update for kdepim and messagelib fixes the following issues: - CVE-2017-9604: The kmail 'send later' function does not have 'sign/encryption' action ensured. boo1044210...
OPENSUSE-SU-2017:1748-1 Security update for kdepim, messagelib
This update for kdepim and messagelib fixes the following issues: - CVE-2017-9604: The kmail 'send later' function does not have 'sign/encryption' action ensured. boo1044210...
CVE-2017-9604
It was found that KMail's Send Later with Delay function bypassed OpenPGP signing and encryption, causing the message to be sent unsigned and in plain-text. A remote attacker, with access to the user's network traffic, could potentially use this flaw to obtain sensitive information from the...
CVE-2017-9604
KDE kmail before 5.5.2 and messagelib before 5.5.2, as distributed in KDE Applications before 17.04.2, do not ensure that a plugin's sign/encrypt action occurs during use of the Send Later feature, which allows remote attackers to obtain sensitive information by sniffing the network...
CVE-2017-9604
KDE kmail before 5.5.2 and messagelib before 5.5.2, as distributed in KDE Applications before 17.04.2, do not ensure that a plugin's sign/encrypt action occurs during use of the Send Later feature, which allows remote attackers to obtain sensitive information by sniffing the network...
DEBIAN-CVE-2017-9604
KDE kmail before 5.5.2 and messagelib before 5.5.2, as distributed in KDE Applications before 17.04.2, do not ensure that a plugin's sign/encrypt action occurs during use of the Send Later feature, which allows remote attackers to obtain sensitive information by sniffing the network...
CVE-2017-9604
KDE kmail before 5.5.2 and messagelib before 5.5.2, as distributed in KDE Applications before 17.04.2, do not ensure that a plugin's sign/encrypt action occurs during use of the Send Later feature, which allows remote attackers to obtain sensitive information by sniffing the network...
Design/Logic Flaw
KDE kmail before 5.5.2 and messagelib before 5.5.2, as distributed in KDE Applications before 17.04.2, do not ensure that a plugin's sign/encrypt action occurs during use of the Send Later feature, which allows remote attackers to obtain sensitive information by sniffing the network...
UBUNTU-CVE-2017-9604
KDE kmail before 5.5.2 and messagelib before 5.5.2, as distributed in KDE Applications before 17.04.2, do not ensure that a plugin's sign/encrypt action occurs during use of the Send Later feature, which allows remote attackers to obtain sensitive information by sniffing the network...
CVE-2017-9604
CVE-2017-9604 details (Mode C): Affected software uses KDE PIM components: kmail and messagelib (KDE Applications before 17.04.2), with the issue occurring in the Send Later flow. The root cause is that the plugin’s sign/encrypt action is not guaranteed to occur during Send Later, enabling potent...
CVE-2017-9604
KDE kmail before 5.5.2 and messagelib before 5.5.2, as distributed in KDE Applications before 17.04.2, do not ensure that a plugin's sign/encrypt action occurs during use of the Send Later feature, which allows remote attackers to obtain sensitive information by sniffing the network...
CVE-2017-9604
KDE kmail before 5.5.2 and messagelib before 5.5.2, as distributed in KDE Applications before 17.04.2, do not ensure that a plugin's sign/encrypt action occurs during use of the Send Later feature, which allows remote attackers to obtain sensitive information by sniffing the network...
Text now, Send later! - Customized SSL, Dynamic Code Loading, Exported components vulnerabilities
HackApp vulnerability scanner discovered that application Text now, Send later! published at the 'play' market has multiple vulnerabilities...