CVE-2013-2074

2013-05-1500:00:00

ubuntu.com

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.007 Low

EPSS

Percentile

80.7%

JSON

kioslave/http/http.cpp in KIO in kdelibs 4.10.3 and earlier allows
attackers to discover credentials via a crafted request that triggers an
“internal server error,” which includes the username and password in an
error message.

Bugs

OSVersionArchitecturePackageVersionFilename
ubuntu12.04noarchkde4libs< 4:4.8.5-0ubuntu0.2UNKNOWN
ubuntu12.10noarchkde4libs< 4:4.9.5-0ubuntu0.2UNKNOWN
ubuntu13.04noarchkde4libs< 4:4.10.2-0ubuntu2.2UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	12.04	noarch	kde4libs	< 4:4.8.5-0ubuntu0.2	UNKNOWN
ubuntu	12.10	noarch	kde4libs	< 4:4.9.5-0ubuntu0.2	UNKNOWN
ubuntu	13.04	noarch	kde4libs	< 4:4.10.2-0ubuntu2.2	UNKNOWN