CVE Vulnerabilities

CVE-2009-2069

Improper Authentication

Published: Jun 15, 2009 | Modified: Jul 23, 2021
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

Microsoft Internet Explorer before 8 displays a cached certificate for a (1) 4xx or (2) 5xx CONNECT response page returned by a proxy server, which allows man-in-the-middle attackers to spoof an arbitrary https site by letting a browser obtain a valid certificate from this site during one request, and then sending the browser a crafted 502 response page upon a subsequent request.

Weakness

When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct.

Affected Software

Name Vendor Start Version End Version
Internet_explorer Microsoft 3.0 3.0
Internet_explorer Microsoft 3.0.1 3.0.1
Internet_explorer Microsoft 4.01 4.01
Internet_explorer Microsoft 4.01 4.01
Internet_explorer Microsoft 4.70.1215 4.70.1215
Internet_explorer Microsoft 4.70.1300 4.70.1300
Internet_explorer Microsoft 5 5
Internet_explorer Microsoft 5.0 5.0
Internet_explorer Microsoft 5.00.0518.10 5.00.0518.10
Internet_explorer Microsoft 5.00.0910.1309 5.00.0910.1309
Internet_explorer Microsoft 5.00.2920.0000 5.00.2920.0000
Internet_explorer Microsoft 6 6
Internet_explorer Microsoft 7 7
Internet_explorer Microsoft 6 6
Internet_explorer Microsoft 5.01 5.01
Internet_explorer Microsoft 5.5 5.5
Internet_explorer Microsoft 3.0.2 3.0.2
Internet_explorer Microsoft 3.1 3.1
Internet_explorer Microsoft 3.2 3.2
Internet_explorer Microsoft 4.1 4.1
Internet_explorer Microsoft 4.40.308 4.40.308
Internet_explorer Microsoft 4.71.1008.3 4.71.1008.3
Internet_explorer Microsoft 4.71.1712.6 4.71.1712.6
Internet_explorer Microsoft 5.0.1 5.0.1
Internet_explorer Microsoft 5.00.3103.1000 5.00.3103.1000
Internet_explorer Microsoft 5.01 5.01
Internet_explorer Microsoft 5.01 5.01
Internet_explorer Microsoft 5.5 5.5
Internet_explorer Microsoft 6.00.2462.0000 6.00.2462.0000
Internet_explorer Microsoft 6.00.2479.0006 6.00.2479.0006
Internet_explorer Microsoft 6.0 6.0
Internet_explorer Microsoft 7.00.6000.16386 7.00.6000.16386
Internet_explorer Microsoft 7.00.6000.16441 7.00.6000.16441
Ie Microsoft 5.22 5.22
Internet_explorer Microsoft 5.01 5.01
Internet_explorer Microsoft 4.0 4.0
Internet_explorer Microsoft 4.0.1 4.0.1
Internet_explorer Microsoft 4.0.1 4.0.1
Internet_explorer Microsoft 4.0.1 4.0.1
Internet_explorer Microsoft 4.5 4.5
Internet_explorer Microsoft 4.40.520 4.40.520
Internet_explorer Microsoft 4.70.1155 4.70.1155
Internet_explorer Microsoft 4.70.1158 4.70.1158
Internet_explorer Microsoft 4.72.3612.1713 4.72.3612.1713
Internet_explorer Microsoft 4.71.544 4.71.544
Internet_explorer Microsoft 4.72.2106.8 4.72.2106.8
Internet_explorer Microsoft 4.72.3110.8 4.72.3110.8
Internet_explorer Microsoft 5.0.1 5.0.1
Internet_explorer Microsoft 5.0.1 5.0.1
Internet_explorer Microsoft 5.0.1 5.0.1
Internet_explorer Microsoft 5.0.1 5.0.1
Internet_explorer Microsoft 5.00.2014.0216 5.00.2014.0216
Internet_explorer Microsoft 5.00.2314.1003 5.00.2314.1003
Internet_explorer Microsoft 5.00.2614.3500 5.00.2614.3500
Internet_explorer Microsoft 5.00.2919.3800 5.00.2919.3800
Internet_explorer Microsoft 5.00.3105.0106 5.00.3105.0106
Internet_explorer Microsoft 5.00.3314.2101 5.00.3314.2101
Internet_explorer Microsoft 5.00.3315.1000 5.00.3315.1000
Internet_explorer Microsoft 5.00.3502.1000 5.00.3502.1000
Internet_explorer Microsoft 5.50.3825.1300 5.50.3825.1300
Internet_explorer Microsoft 5.50.4030.2400 5.50.4030.2400
Internet_explorer Microsoft 5.50.4134.0600 5.50.4134.0600
Internet_explorer Microsoft 5.50.4308.2900 5.50.4308.2900
Internet_explorer Microsoft 5.1 5.1
Internet_explorer Microsoft 5.2.3 5.2.3
Internet_explorer Microsoft 6.0.2600 6.0.2600
Internet_explorer Microsoft 6.0.2800 6.0.2800
Internet_explorer Microsoft 6.0.2800.1106 6.0.2800.1106
Internet_explorer Microsoft 6.0.2900 6.0.2900
Internet_explorer Microsoft 6.00.2800.1106 6.00.2800.1106
Internet_explorer Microsoft 7.0 7.0
Internet_explorer Microsoft 7.0 7.0
Internet_explorer Microsoft 7.0.5730.11 7.0.5730.11
Internet_explorer Microsoft 6.00.2900.2180 6.00.2900.2180
Internet_explorer Microsoft 6.00.3663.0000 6.00.3663.0000
Internet_explorer Microsoft 6.00.3790.0000 6.00.3790.0000
Internet_explorer Microsoft 7.0 7.0
Ie Microsoft 6.0 6.0
Ie Microsoft 5.0 5.0
Ie Microsoft 6.0 6.0
Ie Microsoft 5.0 5.0
Internet_explorer Microsoft 5.01 5.01
Internet_explorer Microsoft 5.00.2919.800 5.00.2919.800
Internet_explorer Microsoft 5.00.2919.6307 5.00.2919.6307
Internet_explorer Microsoft 5.00.3700.1000 5.00.3700.1000
Internet_explorer Microsoft 5.50.4522.1800 5.50.4522.1800
Internet_explorer Microsoft 5.50.4807.2300 5.50.4807.2300
Internet_explorer Microsoft 5.5 5.5
Internet_explorer Microsoft 5.5 5.5
Internet_explorer Microsoft 6.0.2900.2180 6.0.2900.2180
Internet_explorer Microsoft 6.00.3790.1830 6.00.3790.1830
Internet_explorer Microsoft 6.00.3790.3959 6.00.3790.3959
Internet_explorer Microsoft 7.0 7.0
Internet_explorer Microsoft 7.00.5730.1100 7.00.5730.1100

Potential Mitigations

References