Kingsoft · Kingsoft Kdrive Personal · CVE-2013-5999
**Name of the Vulnerable Software and Affected Versions**
Kingsoft KDrive Personal versions prior to 1.21.0.1880
**Description**
The issue allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate, as Kingsoft KDrive Personal does not verify X.509 certificates from SSL servers.
**Recommendations**
For versions prior to 1.21.0.1880, update to version 1.21.0.1880 or later to resolve the issue.