Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2009-2409

The Network Security Services (NSS) library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spoof certificates by using MD2 design flaws to generate a hash collision in less than brute-force time. NOTE: the scope of this issue is currently limited because the amount of computation required is still large.

  • Published: Jul 30, 2009
  • Updated: Nov 8, 2023
  • CVE: CVE-2009-2409
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 5.1
  • AV:N/AC:H/Au:N/C:P/I:P/A:P

CWEs:

Software From Fixed in
mozilla / firefox - -
mozilla / nss - 3.12.2.x
mozilla / nss 3.0 3.0.x
mozilla / nss 3.2 3.2.x
mozilla / nss 3.2.1 3.2.1.x
mozilla / nss 3.3 3.3.x
mozilla / nss 3.3.1 3.3.1.x
mozilla / nss 3.3.2 3.3.2.x
mozilla / nss 3.4 3.4.x
mozilla / nss 3.4.1 3.4.1.x
mozilla / nss 3.4.2 3.4.2.x
mozilla / nss 3.4.3 3.4.3.x
mozilla / nss 3.5 3.5.x
mozilla / nss 3.6 3.6.x
mozilla / nss 3.6.1 3.6.1.x
mozilla / nss 3.7 3.7.x
mozilla / nss 3.7.1 3.7.1.x
mozilla / nss 3.7.2 3.7.2.x
mozilla / nss 3.7.3 3.7.3.x
mozilla / nss 3.7.5 3.7.5.x
mozilla / nss 3.7.7 3.7.7.x
mozilla / nss 3.8 3.8.x
mozilla / nss 3.9 3.9.x
mozilla / nss 3.9.5 3.9.5.x
mozilla / nss 3.10 3.10.x
mozilla / nss 3.11.2 3.11.2.x
mozilla / nss 3.11.4 3.11.4.x
mozilla / nss 3.11.7 3.11.7.x
mozilla / nss 3.11.8 3.11.8.x
mozilla / nss 3.12 3.12.x
mozilla / nss 3.12.1 3.12.1.x
openssl / openssl 0.9.8b 0.9.8b.x
openssl / openssl 0.9.8c 0.9.8c.x
openssl / openssl 0.9.8e 0.9.8e.x
openssl / openssl 0.9.8g 0.9.8g.x
openssl / openssl 0.9.8k 0.9.8k.x
openssl / openssl 0.9.8d 0.9.8d.x
openssl / openssl 0.9.8j 0.9.8j.x
openssl / openssl 0.9.8a 0.9.8a.x
openssl / openssl 0.9.8 0.9.8.x
openssl / openssl 0.9.8i 0.9.8i.x
openssl / openssl 0.9.8f 0.9.8f.x
openssl / openssl 0.9.8h 0.9.8h.x
gnu / gnutls 2.3.5 2.3.5.x
gnu / gnutls 1.6.0 1.6.0.x
gnu / gnutls 2.0.0 2.0.0.x
gnu / gnutls 1.5.0 1.5.0.x
gnu / gnutls 1.2.8 1.2.8.x
gnu / gnutls 1.1.14 1.1.14.x
gnu / gnutls 2.3.4 2.3.4.x
gnu / gnutls 1.7.3 1.7.3.x
gnu / gnutls 2.7.4 2.7.4.x
gnu / gnutls 1.4.1 1.4.1.x
gnu / gnutls 1.4.3 1.4.3.x
gnu / gnutls 2.6.1 2.6.1.x
gnu / gnutls 1.2.11 1.2.11.x
gnu / gnutls 1.1.21 1.1.21.x
gnu / gnutls 1.7.5 1.7.5.x
gnu / gnutls 1.7.11 1.7.11.x
gnu / gnutls 1.0.20 1.0.20.x
gnu / gnutls 1.2.5 1.2.5.x
gnu / gnutls 2.2.4 2.2.4.x
gnu / gnutls 1.0.17 1.0.17.x
gnu / gnutls 1.2.4 1.2.4.x
gnu / gnutls 1.3.1 1.3.1.x
gnu / gnutls 1.0.24 1.0.24.x
gnu / gnutls 1.7.15 1.7.15.x
gnu / gnutls 1.6.1 1.6.1.x
gnu / gnutls 1.0.21 1.0.21.x
gnu / gnutls 1.4.2 1.4.2.x
gnu / gnutls - 2.6.3.x
gnu / gnutls 1.7.8 1.7.8.x
gnu / gnutls 1.7.0 1.7.0.x
gnu / gnutls 2.1.0 2.1.0.x
gnu / gnutls 2.3.1 2.3.1.x
gnu / gnutls 1.0.16 1.0.16.x
gnu / gnutls 2.2.5 2.2.5.x
gnu / gnutls 2.1.1 2.1.1.x
gnu / gnutls 2.3.8 2.3.8.x
gnu / gnutls 1.7.18 1.7.18.x
gnu / gnutls 1.1.20 1.1.20.x
gnu / gnutls 2.1.7 2.1.7.x
gnu / gnutls 2.1.4 2.1.4.x
gnu / gnutls 1.2.10 1.2.10.x
gnu / gnutls 1.5.3 1.5.3.x
gnu / gnutls 1.1.22 1.1.22.x
gnu / gnutls 1.6.3 1.6.3.x
gnu / gnutls 2.6.0 2.6.0.x
gnu / gnutls 2.1.6 2.1.6.x
gnu / gnutls 1.4.5 1.4.5.x
gnu / gnutls 1.5.1 1.5.1.x
gnu / gnutls 1.4.0 1.4.0.x
gnu / gnutls 1.7.4 1.7.4.x
gnu / gnutls 1.7.13 1.7.13.x
gnu / gnutls 2.3.2 2.3.2.x
gnu / gnutls 2.3.9 2.3.9.x
gnu / gnutls 2.2.2 2.2.2.x
gnu / gnutls 2.2.0 2.2.0.x
gnu / gnutls 2.3.11 2.3.11.x
gnu / gnutls 1.3.4 1.3.4.x
gnu / gnutls 2.5.0 2.5.0.x
gnu / gnutls 2.6.2 2.6.2.x
gnu / gnutls 1.0.19 1.0.19.x
gnu / gnutls 1.7.2 1.7.2.x
gnu / gnutls 1.2.1 1.2.1.x
gnu / gnutls 1.1.19 1.1.19.x
gnu / gnutls 2.0.4 2.0.4.x
gnu / gnutls 1.1.18 1.1.18.x
gnu / gnutls 1.5.4 1.5.4.x
gnu / gnutls 1.7.9 1.7.9.x
gnu / gnutls 2.4.0 2.4.0.x
gnu / gnutls 2.1.3 2.1.3.x
gnu / gnutls 2.4.1 2.4.1.x
gnu / gnutls 1.7.10 1.7.10.x
gnu / gnutls 1.1.13 1.1.13.x
gnu / gnutls 1.2.8.1a1 1.2.8.1a1.x
gnu / gnutls 2.3.7 2.3.7.x
gnu / gnutls 2.0.3 2.0.3.x
gnu / gnutls 1.2.2 1.2.2.x
gnu / gnutls 1.7.19 1.7.19.x
gnu / gnutls 1.5.5 1.5.5.x
gnu / gnutls 1.2.0 1.2.0.x
gnu / gnutls 1.0.18 1.0.18.x
gnu / gnutls 1.2.7 1.2.7.x
gnu / gnutls 1.3.2 1.3.2.x
gnu / gnutls 1.0.25 1.0.25.x
gnu / gnutls 1.1.15 1.1.15.x
gnu / gnutls 2.1.2 2.1.2.x
gnu / gnutls 1.0.23 1.0.23.x
gnu / gnutls 2.4.2 2.4.2.x
gnu / gnutls 1.3.0 1.3.0.x
gnu / gnutls 1.3.5 1.3.5.x
gnu / gnutls 1.7.14 1.7.14.x
gnu / gnutls 1.1.23 1.1.23.x
gnu / gnutls 1.2.3 1.2.3.x
gnu / gnutls 1.2.6 1.2.6.x
gnu / gnutls 2.3.6 2.3.6.x
gnu / gnutls 1.2.9 1.2.9.x
gnu / gnutls 1.7.17 1.7.17.x
gnu / gnutls 2.3.3 2.3.3.x
gnu / gnutls 2.1.8 2.1.8.x
gnu / gnutls 1.7.7 1.7.7.x
gnu / gnutls 2.0.1 2.0.1.x
gnu / gnutls 1.7.6 1.7.6.x
gnu / gnutls 2.2.1 2.2.1.x
gnu / gnutls 2.1.5 2.1.5.x
gnu / gnutls 1.7.1 1.7.1.x
gnu / gnutls 1.5.2 1.5.2.x
gnu / gnutls 1.7.16 1.7.16.x
gnu / gnutls 1.7.12 1.7.12.x
gnu / gnutls 1.1.16 1.1.16.x
gnu / gnutls 2.3.10 2.3.10.x
gnu / gnutls 1.0.22 1.0.22.x
gnu / gnutls 2.0.2 2.0.2.x
gnu / gnutls 2.3.0 2.3.0.x
gnu / gnutls 1.6.2 1.6.2.x
gnu / gnutls 2.2.3 2.2.3.x
gnu / gnutls 1.4.4 1.4.4.x
gnu / gnutls 1.1.17 1.1.17.x
gnu / gnutls 1.3.3 1.3.3.x