CVE Vulnerabilities

CVE-2013-7252

Published: Jan 18, 2015 | Modified: Aug 02, 2016
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
1.9 LOW
AV:L/AC:M/Au:N/C:P/I:N/A:N
RedHat/V3
Ubuntu
LOW

kwalletd in KWallet before KDE Applications 14.12.0 uses Blowfish with ECB mode instead of CBC mode when encrypting the password store, which makes it easier for attackers to guess passwords via a codebook attack.

Affected Software

Name Vendor Start Version End Version
Kde_applications Kde * 14.11.3 (including)
Kde-runtime Ubuntu precise *
Kde-runtime Ubuntu quantal *
Kde-runtime Ubuntu raring *
Kde-runtime Ubuntu saucy *
Kdebase-runtime Ubuntu lucid *

References