4 matches found
CVE-2003-0592
CVE-2003-0592 affects KDE’s kdelibs (Konqueror) up to version 3.1.3. The flaw lets remote attackers bypass cookie-path restrictions by using encoded relative path components (e.g., /.. or %2e%2e) in a URL, causing cookies to be sent to a path outside the intended subset and potentially to another...
CVE-2003-0370
CVE-2003-0370 affects Konqueror Embedded and KDE 2.2.2 and earlier, where the Common Name (CN) in X.509 certificates is not validated, enabling possible MITM certificate spoofing in TLS/SSL traffic. Public disclosures reference CAN-2003-0370 and describe the remote exploitation potential through ...
CVE-2003-0355
Safari 1.0 Beta 2 (v73) and earlier are described as not validating the Common Name (CN) field in X.509 certificates, which could allow remote attackers to spoof certificates. The connected documents do not add concrete technical details such as affected components beyond the browser version, roo...
CVE-2003-0459
CVE-2003-0459 affects KDE Konqueror up to version 3.1.2, where credentials in URLs of the form user:password@host in the HTTP-Referer header are not removed. This may allow remote websites to steal user credentials for pages that link to them. The issue is a Kotlin? (not applicable) credential le...