cbcvebase.
CVE-2013-2074
published 2014-02-05

CVE-2013-2074: kioslave/http/http.cpp in KIO in kdelibs 4.10.3 and earlier allows attackers to discover credentials via a crafted request that triggers an "internal server…

PriorityP425medium5CVSS 2.0
AVNACLAuNCPINAN
EPSS
1.98%
78.1th percentile
kioslave/http/http.cpp in KIO in kdelibs 4.10.3 and earlier allows attackers to discover credentials via a crafted request that triggers an "internal server error," which includes the username and password in an error message.

Affected

4 ranges
VendorProductVersion rangeFixed in
kdekdelibs<= 4.10.3
kdekdelibs
kdekdelibs
kdekdelibs

CVSS provenance

nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
osv5.0MEDIUM
vendor_redhat5.0MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.