CVE Vulnerabilities

CVE-2003-0370

Published: Jun 16, 2003 | Modified: Sep 10, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack.

Affected Software

Name Vendor Start Version End Version
Safari Apple 1.0 1.0
Safari Apple 1.0 1.0
Konqueror_embedded Kde 0.1 0.1
Kdelibs Ubuntu dapper *
Kdelibs Ubuntu devel *
Kdelibs Ubuntu edgy *
Kdelibs Ubuntu feisty *

References