kioslave/http/http.cpp in KIO in kdelibs 4.10.3 and earlier allows attackers to discover credentials via a crafted request that triggers an "internal server error," which includes the username and password in an error message.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2014-02-05T19:00:00
Updated: 2024-08-06T15:27:39.169Z
Reserved: 2013-02-19T00:00:00
Link: CVE-2013-2074
Vulnrichment
No data.
NVD
Status : Modified
Published: 2014-02-05T19:55:28.703
Modified: 2024-11-21T01:50:59.087
Link: CVE-2013-2074
Redhat