CVSS: 5.0EPSS: 0%CPEs: 6EXPL: 0CVE-2003-0975
https://notcve.org/view.php?id=CVE-2003-0975
10 Dec 2003 — Apple Safari 1.0 through 1.1 on Mac OS X 10.3.1 and Mac OS X 10.2.8 allows remote attackers to steal user cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain. Apple Safari 1.0 a 1.1 en Mac OS X 10.3.1 y Mac OS X 10.2.8 permite a atacantes remotos robar 'cookies' de usuarios de otro dominio mediante un enlace con un carácter nulo codificado-hex (%00) seguido del dominio objetivo. • http://docs.info.apple.com/article.html?artnum=61798 •
CVSS: 7.5EPSS: 1%CPEs: 10EXPL: 0CVE-2003-0370
https://notcve.org/view.php?id=CVE-2003-0370
05 Jun 2003 — Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack. Konqueror Embedded y KDE 2.2.2 y anteriores no validan el campo Common Name (CN) en certificados X.509, lo que permitiría que atacantes remotos falsifiquen certificados mediante un ataque "man-in-the-middle". • http://lists.grok.org.uk/pipermail/full-disclosure/2003-May/004983.html •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2003-0355
https://notcve.org/view.php?id=CVE-2003-0355
30 May 2003 — Safari 1.0 Beta 2 (v73) and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates. Safari 1.0 Beta 2 (v73) y anteriores no validan el campo Common Name (CN) para Certificados X.509, lo que permitiría a atacantes remotos falsificar certificados. • http://www.securityfocus.com/archive/1/320707 •