CVE-2003-0370

EPSS 0.94%
Veröffentlicht 16.06.2003 04:00:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 11

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Apple ≫ Safari Version1.0 Updatebeta

Apple ≫ Safari Version1.0 Updatebeta2

Kde ≫ Konqueror Embedded Version0.1

Kde ≫ Kde Version <= 2.2.2

Redhat ≫ Linux Version7.1

Redhat ≫ Linux Version7.2

Turbolinux ≫ Turbolinux Server Version7.0

Turbolinux ≫ Turbolinux Server Version8.0

Turbolinux ≫ Turbolinux Workstation Version7.0

Turbolinux ≫ Turbolinux Workstation Version8.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.94%	0.741

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://www.securityfocus.com/archive/1/320707

Vendor Advisory

http://lists.grok.org.uk/pipermail/full-disclosure/2003-May/004983.html

http://www.debian.org/security/2003/dsa-361

http://www.kde.org/info/security/advisory-20030602-1.txt

Patch

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2003-192.html

Patch

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2003-193.html

http://www.securityfocus.com/bid/7520

http://www.turbolinux.com/security/TLSA-2003-36.txt

https://nvd.nist.gov/vuln/detail/CVE-2003-0370

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2003-0370

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2003-0370

EUVD