[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250039

 
 

909

 
 

195882

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2003-0370Date: (C)2003-06-16   (M)2023-12-22


Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.5
Exploit Score: 10.0
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
http://www.securityfocus.com/archive/1/320707
http://lists.grok.org.uk/pipermail/full-disclosure/2003-May/004983.html
BID-7520
DSA-361
RHSA-2003:192
RHSA-2003:193
TLSA-2003-36
http://www.kde.org/info/security/advisory-20030602-1.txt

CPE    4
cpe:/a:apple:safari:1.0:beta2
cpe:/a:apple:safari:1.0:beta
cpe:/o:redhat:linux:7.1
cpe:/o:redhat:linux:7.2
...

© SecPod Technologies