X.509 Certificate Spoofing Vulnerability in Konqueror Embedded and KDE 2.2.2 and Earlier

X.509 Certificate Spoofing Vulnerability in Konqueror Embedded and KDE 2.2.2 and Earlier

CVE-2003-0370 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack.

Learn more about our Web Application Penetration Testing UK.