KMail 1.7.1 in KDE 3.3.2 allows remote attackers to spoof email information, such as whether the email has been digitally signed or encrypted, via HTML formatted email. More information is available in the upstream BTS: http://bugs.kde.org/show_bug.cgi?id=96020
This issue should also affect RHEL3. Than, Any idea if this affects RHEL2.1?
i close it as wontfix, http://bugs.kde.org/show_bug.cgi?id=96020