CVE-2009-2071

Google Chrome before 1.0.154.53 displays a cached certificate for a (1) 4xx or (2) 5xx CONNECT response page returned by a proxy server, which allows man-in-the-middle attackers to spoof an arbitrary https site by letting a browser obtain a valid certificate from this site during one request, and then sending the browser a crafted 502 response page upon a subsequent request.

Published: Jun 15, 2009
Updated: Apr 13, 2023
CVE: CVE-2009-2071
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-287

OWASP TOP 10:

A2 - Broken Authentication

Affected Software
References

Software	From	Fixed in
google / chrome	0.3.154.3	0.3.154.3.x
google / chrome	0.2.149.30	0.2.149.30.x
google / chrome	0.4.154.31	0.4.154.31.x
google / chrome	1.0.154.39	1.0.154.39.x
google / chrome	0.4.154.33	0.4.154.33.x
google / chrome	1.0.154.43	1.0.154.43.x
google / chrome	1.0.154.42	1.0.154.42.x
google / chrome	0.4.154.18	0.4.154.18.x
google / chrome	0.2.149.29	0.2.149.29.x
google / chrome	0.2.152.1	0.2.152.1.x
google / chrome	0.3.154.0	0.3.154.0.x
google / chrome	0.2.153.1	0.2.153.1.x
google / chrome	1.0.154.36	1.0.154.36.x
google / chrome	1.0.154.46	1.0.154.46.x
google / chrome	0.4.154.22	0.4.154.22.x
google / chrome	-	1.0.154.52.x

Vulnerability Database

CVE-2009-2071

Deep Security Visibility Without the Complexity