Description
Safari 1.0 Beta 2 (v73) and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates.
References (1)
Core 1
Core References
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/320707
Scores
EPSS
0.0035
EPSS Percentile
57.8%
Details
Status
published
Products (2)
apple/safari
1.0
kde/konqueror_embedded
Published
Jun 09, 2003
Tracked Since
Feb 18, 2026