CVE-2003-0370 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2003-0370
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2003-0370

Description: Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack.

CVE Status: Candidate

References: TURBO http://www.turbolinux.com/security/TLSA-2003-36.txt REDHAT http://www.redhat.com/support/errata/RHSA-2003-193.html http://www.redhat.com/support/errata/RHSA-2003-192.html FULLDISC http://lists.grok.org.uk/pipermail/full-disclosure/2003-May/004983.html DEBIAN http://www.debian.org/security/2003/dsa-361 CONFIRM http://www.kde.org/info/security/advisory-20030602-1.txt BUGTRAQ http://www.securityfocus.com/archive/1/320707 BID 7520

Return to the previous page.