VYPR
Unrated severityNVD Advisory· Published Aug 7, 2012· Updated Jun 16, 2026

CVE-2012-3413

CVE-2012-3413

Description

The HTMLQuoteColorer::process function in messageviewer/htmlquotecolorer.cpp in KDE PIM 4.6 through 4.8 does not disable JavaScript, Java, and Plugins, which allows remote attackers to inject arbitrary web script or HTML via a crafted email.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • KDE/kdepim2 versions
    cpe:2.3:a:kde:kde_pim:4.6:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:kde:kde_pim:4.6:*:*:*:*:*:*:*
    • cpe:2.3:a:kde:kde_pim:4.8:*:*:*:*:*:*:*
  • KDE/PIMllm-create
    Range: >=4.6, <=4.8

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.