RSS   Vulnerabilities for 'K-mail'   RSS

2007-03-06
 
CVE-2007-1265

CWE-Other
 

 
KMail 1.9.5 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents KMail from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote attackers to forge the contents of a message without detection.

 
2007-03-07
 
CVE-2006-7139

CWE-20
 

 
Kmail 1.9.1 on KDE 3.5.2, with "Prefer HTML to Plain Text" enabled, allows remote attackers to cause a denial of service (crash) via an HTML e-mail with certain table and frameset tags that trigger a segmentation fault, possibly involving invalid free or delete operations.

 
2002-06-25
 
CVE-2002-0342

 

 
Kmail 1.2 on KDE 2.1.1 allows remote attackers to cause a denial of service (crash) via an email message whose body is approximately 55 K long.

 
1999-06-01
 
CVE-2000-0481

 

 
Buffer overflow in KDE Kmail allows a remote attacker to cause a denial of service via an attachment with a long file name.

 
2000-01-04
 
CVE-1999-0735

 

 
KDE K-Mail allows local users to gain privileges via a symlink attack in temporary user directories.

 

 >>> Vendor: KDE 44 Products
K-mail
KDE
Kde beta 3
KVT
KTV
Kdeutils
Konqueror
Klisa
Kopete
Konqueror embedded
Koffice
KPDF
Kdelibs
Dcopserver
Desktop communication protocol daemon
Quanta
Kdegraphics
Kword
ARTS
Kdebase
Libkhtml
Ksirc
Kmplayer
Kde sc
KGET
Kcheckpass
Kde pim
Kde-workspace
ARK
Kauth
Kde-runtime
Kio-extras
Plasma-desktop
Kde applications
Plasma-workspace
Kde frameworks
Karchives
Kscreenlocker
Kmail
Kde-cli-tools
KIO
Messagelib
Trojita
Okular


Copyright 2019, cxsecurity.com

 

Back to Top