NA
CVSSv3

CVE-2009-2973

CVSSv4: NA | CVSSv3: NA | CVSSv2: 6.4 | VMScore: 740 | EPSS: 0.00099 | KEV: Not Included
Published: 27/08/2009 Updated: 21/11/2024

Vulnerability Summary

Google Chrome prior to 2.0.172.43 does not prevent SSL connections to a site with an X.509 certificate signed with the (1) MD2 or (2) MD4 algorithm, which makes it easier for man-in-the-middle malicious users to spoof arbitrary HTTPS servers via a crafted certificate, a related issue to CVE-2009-2409.

Vulnerable Product Search on Vulmon Subscribe to Product

google chrome

google chrome 0.2.149.27

google chrome 0.2.149.29

google chrome 0.2.149.30

google chrome 0.2.152.1

google chrome 0.2.153.1

google chrome 0.3.154.0

google chrome 0.3.154.3

google chrome 0.4.154.18

google chrome 0.4.154.22

google chrome 0.4.154.31

google chrome 0.4.154.33

google chrome 1.0.154.36

google chrome 1.0.154.39

google chrome 1.0.154.42

google chrome 1.0.154.43

google chrome 1.0.154.46

google chrome 1.0.154.48

google chrome 1.0.154.52

google chrome 1.0.154.53

google chrome 1.0.154.59

google chrome 2.0.156.1

google chrome 2.0.157.0

google chrome 2.0.157.2

google chrome 2.0.158.0

google chrome 2.0.159.0

google chrome 2.0.172

google chrome 2.0.172.30

google chrome 2.0.172.31

google chrome 2.0.172.33