KDE kmail prior to 5.5.2 and messagelib prior to 5.5.2, as distributed in KDE Applications prior to 17.04.2, do not ensure that a plugin's sign/encrypt action occurs during use of the Send Later feature, which allows remote malicious users to obtain sensitive information by sniffing the network.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
kde messagelib |
||
kde kmail |