CVE-2011-1094

Name of the Vulnerable Software and Affected Versions kdelibs versions prior to 4.6.1 kdelibs versions prior to 4.12.5-r1

Description The issue is related to the verification of server hostname matches with the domain name of the subject of an X.509 certificate. This could allow man-in-the-middle attackers to spoof arbitrary SSL servers via a certificate issued by a legitimate Certification Authority for an IP address, a different issue. Multiple vulnerabilities in the kdelibs package can lead to a breach of protected information, and exploitation can be done remotely.

Recommendations For versions prior to 4.6.1, update to version 4.6.1 or later. For versions prior to 4.12.5-r1, update to version 4.12.5-r1 or later. As a temporary workaround, consider restricting access to SSL servers until a patch is available.