CVE-2013-2120

Summary

The %{password(…)} macro in pastemacroexpander.cpp in the KDE Paste Applet before 4.10.5 in kdeplasma-addons does not properly generate passwords, which allows context-dependent attackers to bypass authentication via a brute-force attack.

Affected Software

VendorProductVersion RangeStatus
n/aKDE Paste Appletbefore 4.10.5affected

Weaknesses

  • Insufficient Random Number Generation

ADP Enrichment

CVE Program Container

Additional References

References