Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.8
CVSSv2

CVE-2014-2576

Published: 15/10/2014 Updated: 30/10/2018
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Claws-mail

Vulnerability Summary

plugins/rssyl/feed.c in Claws Mail prior to 3.10.0 disables the CURLOPT_SSL_VERIFYHOST check for CN or SAN host name fields, which makes it easier for remote malicious users to spoof servers and conduct man-in-the-middle (MITM) attacks.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

claws-mail claws-mail

opensuse opensuse 12.3

opensuse opensuse 13.1

Vendor Advisories

Debian CVElist Bug Report Logs: claws-mail: CVE-2014-2576
Debian Bug report logs - #742695 claws-mail: CVE-2014-2576 Package: claws-mail; Maintainer for claws-mail is Ricardo Mones <mones@debianorg>; Source for claws-mail is src:claws-mail (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@inutilorg> Date: Wed, 26 Mar 2014 13:33:02 UTC Severity: important Tags: c ...

References

CWE-310http://seclists.org/oss-sec/2014/q1/636http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=3106http://lists.opensuse.org/opensuse-updates/2014-10/msg00015.htmlhttp://sourceforge.net/p/claws-mail/news/2014/05/claws-mail-3100-unleashed/http://secunia.com/advisories/60422https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742695https://nvd.nist.govhttps://www.securityfocus.com/bid/66466
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
XSSCVE-2023-48314CVE-2023-6376CVE-2023-46384arbitrary codeCVE-2023-42917CVE-2023-48842CVE-2023-42916firewall
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook