Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2005-0404

4 documents4 sources

Severity

5.0MEDIUM

EPSS

5.4%

top 9.87%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

KDE KDE Kmail Kmail

Timeline

PublishedMay 2

Latest updateMay 1

Description

KMail 1.7.1 in KDE 3.3.2 allows remote attackers to spoof email information, such as whether the email has been digitally signed or encrypted, via HTML formatted email.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

▶NVDkmail/kmail1.7.1

▶NVDkde/kde3.3.2

Patches

Patch: bugs.kde.org ↗Patch: www.securiteam.com ↗Patch: bugs.kde.org ↗

🔴Vulnerability Details

GHSA

GHSA-4h89-7jw5-x39f: KMail 1↗2022-05-01

▶

CVEList

CVE-2005-0404: KMail 1↗2005-04-13

▶

💥Exploits & PoCs

Exploit-DB

KDE KMail 1.7.1 - HTML EMail Remote Email Content Spoofing↗2005-04-11

▶