7648 matches found

Prion
added 2009/06/15 7:30 p.m., 19 views

Design/Logic Flaw

Apple Safari does not require a cached certificate before displaying a lock icon for an https web site, which allows man-in-the-middle attackers to spoof an arbitrary https site by sending the browser a crafted (1) 4xx or (2) 5xx CONNECT response page for an https request sent through a proxy server...

CVSS 5.4, AI score 6.4, EPSS 0.00041
Exploits: 0, References: 3, Affected Software: 1

Prion
added 2009/06/15 7:30 p.m., 17 views

Design/Logic Flaw

Mozilla Firefox before 3.0.10 processes a 3xx HTTP CONNECT response before a successful SSL handshake, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying this CONNECT response to specify a 302 redirect to an arbitrary https web site...

CVSS 9.3, AI score 7.3, EPSS 0.00338
Exploits: 2, References: 4, Affected Software: 1

Prion
added 2009/06/15 7:30 p.m., 16 views

Design/Logic Flaw

Opera detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying an http page to include an https iframe that references a script file on an http site, related...

CVSS 6.8, AI score 7.3, EPSS 0.00265
Exploits: 1, References: 3, Affected Software: 1

Prion
added 2009/06/15 7:30 p.m., 18 views

Design/Logic Flaw

Apple Safari detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying an http page to include an https iframe that references a script file on an http site,...

CVSS 6.8, AI score 6.8, EPSS 0.00299
Exploits: 1, References: 4, Affected Software: 1

Prion
added 2009/06/15 7:30 p.m., 20 views

Cross site request forgery (csrf)

Microsoft Internet Explorer before 8 displays a cached certificate for a (1) 4xx or (2) 5xx CONNECT response page returned by a proxy server, which allows man-in-the-middle attackers to spoof an arbitrary https site by letting a browser obtain a valid certificate from this site during one request, an...

CVSS 5.8, AI score 6.8, EPSS 0.022
Exploits: 0, References: 3, Affected Software: 2

CVE
added 2009/06/15 7:0 p.m., 76 views

CVE-2009-2068

The CVE-2009-2068 entry relates to Google Chrome and describes a vulnerability where http content can be executed in the context of an https page when the top-level frame is https. Specifically, an attacker could modify an http page to include an https iframe that references a script on an http s...

CVSS 5.8, AI score 6.9, EPSS 0.00227
Exploits: 0, References: 3, Affected Software: 1

Cvelist
added 2009/06/15 7:0 p.m., 20 views

CVE-2009-2067

Opera detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying an http page to include an https iframe that references a script file on an http site, related...

AI score 7.5, EPSS 0.00265
Exploits: 1, References: 3

Cvelist
added 2009/06/15 7:0 p.m., 23 views

CVE-2009-2070

Opera displays a cached certificate for a (1) 4xx or (2) 5xx CONNECT response page returned by a proxy server, which allows man-in-the-middle attackers to spoof an arbitrary https site by letting a browser obtain a valid certificate from this site during one request, and then sending the browser a...

AI score 7.2, EPSS 0.00143
Exploits: 0, References: 3

Cvelist
added 2009/06/15 7:0 p.m., 18 views

CVE-2009-2068

Google Chrome detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying an http page to include an https iframe that references a script file on an http site,...

AI score 6.7, EPSS 0.00227
Exploits: 0, References: 3

Cvelist
added 2009/06/15 7:0 p.m., 19 views

CVE-2009-2062

Apple Safari before 3.2.2 processes a 3xx HTTP CONNECT response before a successful SSL handshake, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying this CONNECT response to specify a 302 redirect to an arbitrary https web site...

AI score 6.5, EPSS 0.00299
Exploits: 1, References: 4

CVE
added 2009/06/15 7:0 p.m., 63 views

CVE-2009-2065

CVE-2009-2065 (Mozilla Firefox) : Firefox 3.0.10 (and possibly other versions) is vulnerable to a context-mixing flaw where http content can be loaded in an https page when the top-level frame is https. An MITM attacker could modify an http page to include an https iframe that loads a script from...

CVSS 6.8, AI score 7.5, EPSS 0.00299
Exploits: 1, References: 4, Affected Software: 1

CVE
added 2009/06/15 7:0 p.m., 68 views

CVE-2009-2070

CVE-2009-2070 describes a vulnerability in Opera where a proxy’s 4xx/5xx CONNECT responses trigger the browser to accept a forged certificate from the proxy in a single request, enabling a man‑in‑the‑middle attack. An attacker could then send a crafted 502 response on a subsequent request to spoo...

CVSS 6.8, AI score 7.1, EPSS 0.00143
Exploits: 0, References: 3, Affected Software: 1

Cvelist
added 2009/06/15 7:0 p.m., 40 views

CVE-2009-2072

Apple Safari does not require a cached certificate before displaying a lock icon for an https web site, which allows man-in-the-middle attackers to spoof an arbitrary https site by sending the browser a crafted (1) 4xx or (2) 5xx CONNECT response page for an https request sent through a proxy server...

AI score 5.9, EPSS 0.00041
Exploits: 0, References: 3

Debian CVE
added 2009/06/15 7:0 p.m., 26 views

CVE-2009-2071

Removed by vendor...

CVSS 6.8, AI score 6.8, EPSS 0.00313
Exploits: 0

CVE
added 2009/06/15 7:0 p.m., 67 views

CVE-2009-2072

CVE-2009-2072 affects Apple Safari. The vulnerability: Safari may display a lock icon for an HTTPS site without requiring a cached certificate, allowing a man-in-the-middle to spoof an arbitrary HTTPS site by sending a crafted (1) 4xx or (2) 5xx CONNECT response page through a proxy. This is docu...

CVSS 5.4, AI score 6.1, EPSS 0.00041
Exploits: 0, References: 3, Affected Software: 1

Cvelist
added 2009/06/15 7:0 p.m., 25 views

CVE-2009-2063

Opera, possibly before 9.25, processes a 3xx HTTP CONNECT response before a successful SSL handshake, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying this CONNECT response to specify a 302 redirect to an arbitrary https web site...

AI score 7.5, EPSS 0.00269
Exploits: 1, References: 4

Cvelist
added 2009/06/15 7:0 p.m., 21 views

CVE-2009-2065

Mozilla Firefox 3.0.10, and possibly other versions, detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying an http page to include an https iframe that...

AI score 7.7, EPSS 0.00299
Exploits: 1, References: 4

CVE
added 2009/06/15 7:0 p.m., 61 views

CVE-2009-2064

The CVE-2009-2064 issue affects Microsoft Internet Explorer 8 (and possibly other versions). It describes a cross-context content loading flaw where an HTTPS page loads HTTP content because the top-level frame is HTTPS, allowing an MITM attacker to modify an HTTP page to include an HTTPS iframe t...

CVSS 6.8, AI score 7.1, EPSS 0.14578
Exploits: 1, References: 4, Affected Software: 2

CVE
added 2009/06/15 7:0 p.m., 65 views

CVE-2009-2067

The CVE-2009-2067 issue affects Opera browser. The vulnerability arises when an https page loads an http iframe referencing http content, allowing a MITM to inject arbitrary script within an https site context. This is tied to the HTTP-Intended-but-HTTPS-Loadable (HPIHSL) scenario and could enabl...

CVSS 6.8, AI score 7.3, EPSS 0.00265
Exploits: 1, References: 3, Affected Software: 1

CVE
added 2009/06/15 7:0 p.m., 49 views

CVE-2009-2066

CVE-2009-2066 affects Apple Safari. The issue arises when https pages load http content that is referenced from an https site, allowing MITM attackers to modify an http page to include an https iframe that loads http scripts, enabling arbitrary web script execution in an https context. Root cause...

CVSS 6.8, AI score 6.6, EPSS 0.00299
Exploits: 1, References: 4, Affected Software: 1