Vulnerability in Apple Safari

CVE-2003-0370

Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack.

EPSS: 0.021 (78.9th percentile) — read the EPSS interpretation.

Affected products

Apple Safari — versions 1.0
Kde
Kde Konqueror_embedded — versions 0.1
Turbolinux Turbolinux_server — versions 7.0, 8.0
Turbolinux Turbolinux_workstation — versions 7.0, 8.0
Redhat Linux — versions 7.1, 7.2
N/a — versions n/a

References

cve@mitre.org (x_refsource_REDHAT, vendor-advisory, Patch, Vendor Advisory)
cve@mitre.org (mailing-list, x_refsource_FULLDISC)
cve@mitre.org (vendor-advisory, x_refsource_TURBO)
cve@mitre.org (x_refsource_REDHAT, vendor-advisory)
cve@mitre.org (Vendor Advisory, mailing-list, x_refsource_BUGTRAQ)
cve@mitre.org (vendor-advisory, x_refsource_DEBIAN)
cve@mitre.org (x_refsource_CONFIRM, Patch, Vendor Advisory)
cve@mitre.org (vdb-entry, x_refsource_BID)