Lucene search
+L
KdeKonqueror Embedded

4 matches found

cve
cve
added 2004/03/16 5:0 a.m.79 views

CVE-2003-0592

CVE-2003-0592 affects KDE’s kdelibs (Konqueror) up to version 3.1.3. The flaw lets remote attackers bypass cookie-path restrictions by using encoded relative path components (e.g., /.. or %2e%2e) in a URL, causing cookies to be sent to a path outside the intended subset and potentially to another...

7.5CVSS6.4AI score0.04409EPSS
cve
cve
added 2003/06/05 4:0 a.m.75 views

CVE-2003-0370

CVE-2003-0370 affects Konqueror Embedded and KDE 2.2.2 and earlier, where the Common Name (CN) in X.509 certificates is not validated, enabling possible MITM certificate spoofing in TLS/SSL traffic. Public disclosures reference CAN-2003-0370 and describe the remote exploitation potential through ...

7.5CVSS6.3AI score0.02062EPSS
cve
cve
added 2003/05/30 4:0 a.m.70 views

CVE-2003-0355

Safari 1.0 Beta 2 (v73) and earlier are described as not validating the Common Name (CN) field in X.509 certificates, which could allow remote attackers to spoof certificates. The connected documents do not add concrete technical details such as affected components beyond the browser version, roo...

5CVSS7AI score0.00767EPSS
cve
cve
added 2003/08/01 4:0 a.m.68 views

CVE-2003-0459

CVE-2003-0459 affects KDE Konqueror up to version 3.1.2, where credentials in URLs of the form user:password@host in the HTTP-Referer header are not removed. This may allow remote websites to steal user credentials for pages that link to them. The issue is a Kotlin? (not applicable) credential le...

5CVSS6.5AI score0.02899EPSS