Credential Exposure in KIO HTTP Module of KDE Kdelibs
CVE-2013-2074

Currently unrated

Key Information:

Vendor

Kde

Status
Kdelibs
Vendor
CVE Published:
5 February 2014

What is CVE-2013-2074?

A vulnerability in the KIO HTTP module of KDE's Kdelibs versions 4.10.3 and earlier allows attackers to exploit crafted requests that cause an 'internal server error.' This error message inadvertently discloses sensitive information, including usernames and passwords, posing a serious risk to system security. Users should promptly update their Kdelibs software to the latest version to mitigate this exposure.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.openwall.com/lists/oss-security/2013/05/10/4
mailing-listx_refsource_MLIST
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=707776
x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=961981
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.