Vulnerabilities

CVE-2009-2973

by Fred · 27/08/2009

Google Chrome before 2.0.172.43 does not prevent SSL connections to a site with an X.509 certificate signed with the (1) MD2 or (2) MD4 algorithm, which makes it easier for man-in-the-middle attackers to spoof arbitrary HTTPS servers via a crafted certificate, a related issue to CVE-2009-2409.

Date published : 2009-08-27

http://code.google.com/p/chromium/issues/detail?id=18725

http://googlechromereleases.blogspot.com/2009/08/stable-update-security-fixes.html

Similar

Tags: Cybersecurity Alert