CVE-2009-0653

2009-02-20T19:30:00
ID CVE-2009-0653
Type cve
Reporter cve@mitre.org
Modified 2009-06-25T04:00:00

Description

OpenSSL, probably 0.9.6, does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack, a related issue to CVE-2002-0970.