Unrated severityNVD Advisory· Published Jan 18, 2015· Updated May 6, 2026

CVE-2013-7252

Description

kwalletd in KWallet before KDE Applications 14.12.0 uses Blowfish with ECB mode instead of CBC mode when encrypting the password store, which makes it easier for attackers to guess passwords via a codebook attack.

Affected products

KDE/Kde Applications
cpe:2.3:a:kde:kde_applications:*:*:*:*:*:*:*:*
Range: <=14.11.3

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.kde.org/info/security/advisory-20150109-1.txtnvdPatchVendor Advisory
gaganpreet.in/blog/2013/07/24/kwallet-security-analysis/nvdExploit
www.securityfocus.com/bid/67716nvdThird Party Advisory
security.gentoo.org/glsa/201606-19nvdThird Party Advisory
bugzilla.redhat.com/show_bug.cginvdIssue Tracking
www.openwall.com/lists/oss-security/2014/01/02/3nvd
www.openwall.com/lists/oss-security/2015/01/09/7nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000