Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2009-2973HistoryAug 27, 2009 - 5:30 p.m.
CVE-2009-2973
2009-08-2717:30:00
Debian Security Bug Tracker
security-tracker.debian.org
13
6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
Google Chrome before 2.0.172.43 does not prevent SSL connections to a site with an X.509 certificate signed with the (1) MD2 or (2) MD4 algorithm, which makes it easier for man-in-the-middle attackers to spoof arbitrary HTTPS servers via a crafted certificate, a related issue to CVE-2009-2409.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 9 | all | chromium-browser | < 70.0.3538.110-1~deb9u1 | chromium-browser_70.0.3538.110-1~deb9u1_all.deb |
Related
prion
prion
Design/Logic Flaw
2009-08-27 17:30:00
Code injection
2009-07-30 19:30:00
cve
cve
CVE-2009-2973
2009-08-27 17:30:00
CVE-2009-2409
2009-07-30 19:30:00
openvas
openvas
Mandrake Security Advisory MDVSA-2009:258 (openssl)
2009-10-13 00:00:00
Ubuntu USN-830-1 (openssl)
2009-09-15 00:00:00
OpenSSL/GnuTLS SSL Server Spoofing Vulnerability - Windows
2009-08-05 00:00:00
nessus
nessus
Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 : openssl vulnerability (USN-830-1)
2009-09-15 00:00:00
Mandriva Linux Security Advisory : openssl (MDVSA-2009:258)
2009-10-08 00:00:00
F5 Networks BIG-IP : MD2 Message-Digest Algorithm vulnerability (SOL15663)
2014-10-10 00:00:00
f5
f5
K15663 : MD2 Message-Digest Algorithm vulnerability CVE-2009-2409
2014-10-23 00:00:00
SOL15663 - MD2 Message-Digest Algorithm vulnerability CVE-2009-2409
2014-10-09 00:00:00
debiancve
debiancve
CVE-2009-2409
2009-07-30 19:30:00
ubuntucve
ubuntucve
CVE-2009-2409
2009-07-30 00:00:00
ubuntu
ubuntu
OpenSSL vulnerability
2009-09-14 00:00:00
NSS regression
2009-09-02 00:00:00
GnuTLS vulnerabilities
2009-08-19 00:00:00
veracode
veracode
Spoofing Attack
2020-04-10 00:33:40
osv
osv
gnutls13 gnutls26 - SSL certificate
2009-11-17 00:00:00
nss - several vulnerabilities
2009-08-26 00:00:00
debian
debian
oraclelinux
oraclelinux
openssl security update
2010-01-20 00:00:00
gnutls security update
2010-03-25 00:00:00
openssl security update
2010-03-25 00:00:00
securityvulns
securityvulns
GnuTLS library certificate spoofing
2009-08-20 00:00:00
[USN-809-1] GnuTLS vulnerabilities
2009-08-20 00:00:00
Sun Java multiple security vulnerabilities
2009-11-05 00:00:00
redhat
redhat
(RHSA-2010:0166) Moderate: gnutls security update
2010-03-25 00:00:00
(RHSA-2010:0054) Moderate: openssl security update
2010-01-19 00:00:00
(RHSA-2009:1207) Critical: nspr and nss security update
2009-08-12 00:00:00
centos
centos
openssl security update
2010-01-20 23:10:16
gnutls security update
2010-03-26 21:48:08
openssl security update
2010-03-25 22:38:39
vmware
vmware
VMware ESX third party updates for Service Console
2010-12-07 00:00:00
VMware ESX third party updates for Service Console
2010-12-07 00:00:00
VMware ESX third party updates for Service Console
2010-09-30 00:00:00
gentoo
gentoo
OpenSSL: Multiple vulnerabilities
2009-12-01 00:00:00
fedora
fedora
[SECURITY] Fedora 11 Update: java-1.6.0-openjdk-1.6.0.0-30.b16.fc11
2009-11-14 03:30:20
[SECURITY] Fedora 12 Update: java-1.6.0-openjdk-1.6.0.0-33.b16.fc12
2009-11-14 03:32:17
[SECURITY] Fedora 10 Update: java-1.6.0-openjdk-1.6.0.0-23.b16.fc10
2009-11-14 03:33:25
6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
Related for DEBIANCVE:CVE-2009-2973