CVE-2017-9604
- Source
- https://cve.org/CVERecord?id=CVE-2017-9604
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-9604.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2017-9604
- Downstream
- Related
- Published
- 2017-06-13T13:29:00.220Z
- Modified
- 2026-04-11T11:40:05.142167Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
- Summary
- [none]
- Details
-
KDE kmail before 5.5.2 and messagelib before 5.5.2, as distributed in KDE Applications before 17.04.2, do not ensure that a plugin's sign/encrypt action occurs during use of the Send Later feature, which allows remote attackers to obtain sensitive information by sniffing the network.
- References
Affected packages
Git / github.com/kde/kmail
Database specific
vanir_signatures
[
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"26936862751056223271378651773350141874",
"147753422659276439829638422992941333413",
"256055254617099371927628159996071252580",
"6237817401237767029496548082185589423"
]
},
"id": "CVE-2017-9604-1e691798",
"signature_type": "Line",
"source": "https://github.com/kde/kmail/commit/78c5552be2f00a4ac25bd77ca39386522fca70a8",
"deprecated": false,
"target": {
"file": "src/editor/kmcomposerwin.h"
},
"signature_version": "v1"
},
{
"digest": {
"function_hash": "257727360109239230956837983898494587049",
"length": 1340.0
},
"id": "CVE-2017-9604-3c165c1d",
"signature_type": "Function",
"source": "https://github.com/kde/kmail/commit/78c5552be2f00a4ac25bd77ca39386522fca70a8",
"deprecated": false,
"target": {
"function": "KMComposerWin::slotSendLater",
"file": "src/editor/kmcomposerwin.cpp"
},
"signature_version": "v1"
},
{
"digest": {
"function_hash": "329420148006121099214417486198642879029",
"length": 4177.0
},
"id": "CVE-2017-9604-91527bf2",
"signature_type": "Function",
"source": "https://github.com/kde/kmail/commit/78c5552be2f00a4ac25bd77ca39386522fca70a8",
"deprecated": false,
"target": {
"function": "KMComposerWin::doSend",
"file": "src/editor/kmcomposerwin.cpp"
},
"signature_version": "v1"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"171515760466386715851801238677479693481",
"100956914222261329371661719711300125466",
"102414020928253762685753738538812198397",
"33286685259308721839446318719666905468",
"188097591602447983849197220311793201881",
"319182387174062329084136337923299632568",
"36921979096037215443175291460946474118",
"88681689698140011510796676589812913505",
"317625579068653833866580054865005408390",
"126345107536763788961993512739101468109",
"25040293319142026826008149727049811036",
"223294017360101117060230640828457089701",
"324396016245741148738556180156061430484",
"242628843457735989557136813190891846434",
"15709050902440614553125708423259186651",
"190971110931613532423060893732171562942",
"39003264449620868237994001715739632699",
"61962259295180074635088808312496210824"
]
},
"id": "CVE-2017-9604-b7a46cca",
"signature_type": "Line",
"source": "https://github.com/kde/kmail/commit/78c5552be2f00a4ac25bd77ca39386522fca70a8",
"deprecated": false,
"target": {
"file": "src/editor/kmcomposerwin.cpp"
},
"signature_version": "v1"
}
]
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-9604.json"
vanir_signatures_modified
"2026-04-11T11:40:05Z"
unresolved_ranges
[
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "5.5.1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "5.5.1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.5.2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.5.2"
}
]
}
]