CVE-2012-3413

The HTMLQuoteColorer::process function in messageviewer/htmlquotecolorer.cpp in KDE PIM 4.6 through 4.8 does not disable JavaScript, Java, and Plugins, which allows remote attackers to inject arbitrary web script or HTML via a crafted email.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:kde:kde_pim:4.6:*:*:*:*:*:*:*
cpe:2.3:a:kde:kde_pim:4.8:*:*:*:*:*:*:*

History

No history.

Information

Published : 2012-08-07 20:55

Updated : 2024-02-28 12:00


NVD link : CVE-2012-3413

Mitre link : CVE-2012-3413

CVE.ORG link : CVE-2012-3413


JSON object : View

Products Affected

kde

  • kde_pim
CWE
CWE-16

Configuration