CVE Vulnerabilities

CVE-2003-0370

Published: Jun 16, 2003 | Modified: Sep 10, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu
UNTRIAGED

Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack.

Affected Software

Name Vendor Start Version End Version
Safari Apple 1.0-beta (including) 1.0-beta (including)
Safari Apple 1.0-beta2 (including) 1.0-beta2 (including)
Konqueror_embedded Kde 0.1 (including) 0.1 (including)
Kdelibs Ubuntu dapper *
Kdelibs Ubuntu devel *
Kdelibs Ubuntu edgy *
Kdelibs Ubuntu feisty *
Red Hat Enterprise Linux AS (Advanced Server) version 2.1 RedHat *
Red Hat Enterprise Linux ES version 2.1 RedHat *
Red Hat Enterprise Linux WS version 2.1 RedHat *
Red Hat Linux 7.1 RedHat *
Red Hat Linux 7.2 RedHat *
Red Hat Linux Advanced Workstation 2.1 RedHat *

References