CVE-2009-2071
CVE-2009-2071 affects Google Chrome versions before 1.0.154.53. The vulnerability arises when Chrome uses the HTTP Host header to interpret 4xx/5xx CONNECT responses from a proxy, which can enable a man-in-the-middle to spoof arbitrary HTTPS sites by letting the browser obtain a valid certificate...