CVE-2003-0370

Currently unrated

Key Information:

Vendor: Apple
Status: Safari; Konqueror Embedded
Vendor: CVE Published:; 16 June 2003

Summary

Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack.

References

http://www.redhat.com/support/errata/RHSA-2003-192.html

vendor-advisoryx_refsource_REDHAT

http://lists.grok.org.uk/pipermail/full-disclosure/2003-M...

mailing-listx_refsource_FULLDISC

http://www.turbolinux.com/security/TLSA-2003-36.txt

vendor-advisoryx_refsource_TURBO

Timeline

Vulnerability published
Jun 16, 2003
Vulnerability Reserved
Jun 3, 2003