CVE-2009-2071

Google Chrome before 1.0.154.53 displays a cached certificate for a (1) 4xx or (2) 5xx CONNECT response page returned by a proxy server, which allows man-in-the-middle attackers to spoof an arbitrary https site by letting a browser obtain a valid certificate from this site during one request, and then sending the browser a crafted 502 response page upon a subsequent request.

Weakness

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Affected Software

Name	Vendor	Start Version	End Version
Chrome	Google	*	1.0.154.52 (including)
Chrome	Google	0.2.149.29 (including)	0.2.149.29 (including)
Chrome	Google	0.2.149.30 (including)	0.2.149.30 (including)
Chrome	Google	0.2.152.1 (including)	0.2.152.1 (including)
Chrome	Google	0.2.153.1 (including)	0.2.153.1 (including)
Chrome	Google	0.3.154.0 (including)	0.3.154.0 (including)
Chrome	Google	0.3.154.3 (including)	0.3.154.3 (including)
Chrome	Google	0.4.154.18 (including)	0.4.154.18 (including)
Chrome	Google	0.4.154.22 (including)	0.4.154.22 (including)
Chrome	Google	0.4.154.31 (including)	0.4.154.31 (including)
Chrome	Google	0.4.154.33 (including)	0.4.154.33 (including)
Chrome	Google	1.0.154.36 (including)	1.0.154.36 (including)
Chrome	Google	1.0.154.39 (including)	1.0.154.39 (including)
Chrome	Google	1.0.154.42 (including)	1.0.154.42 (including)
Chrome	Google	1.0.154.43 (including)	1.0.154.43 (including)
Chrome	Google	1.0.154.46 (including)	1.0.154.46 (including)

NVD	https://nvd.nist.gov/vuln/detail/CVE-2009-2071
CWE	https://cwe.mitre.org/data/definitions/287.html

Improper Authentication

Weakness

Affected Software

Potential Mitigations

References

CVE-2009-2071

Improper Authentication

Weakness

Affected Software

Potential Mitigations

Related Attack Patterns

References