VYPR
Unrated severityNVD Advisory· Published Sep 24, 2002· Updated Jun 16, 2026

CVE-2002-0970

CVE-2002-0970

Description

The SSL capability for Konqueror in KDE 3.0.2 and earlier does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

9
  • KDE/Konqueror5 versions
    cpe:2.3:a:kde:konqueror:2.2.2:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:kde:konqueror:2.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:kde:konqueror:3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:kde:konqueror:3.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:kde:konqueror:3.0.2:*:*:*:*:*:*:*
    • (no CPE)range: <=3.0.2
  • KDE/Kde4 versions
    cpe:2.3:o:kde:kde:2.2.2:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:o:kde:kde:2.2.2:*:*:*:*:*:*:*
    • cpe:2.3:o:kde:kde:3.0:*:*:*:*:*:*:*
    • cpe:2.3:o:kde:kde:3.0.1:*:*:*:*:*:*:*
    • cpe:2.3:o:kde:kde:3.0.2:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

11

News mentions

0

No linked articles in our index yet.