VYPR
← All advisories
Unrated severityNVD Advisory· Published Jun 15, 2009· Updated Apr 23, 2026

CVE-2009-2069

CVE-2009-2069

Description

Microsoft Internet Explorer before 8 displays a cached certificate for a (1) 4xx or (2) 5xx CONNECT response page returned by a proxy server, which allows man-in-the-middle attackers to spoof an arbitrary https site by letting a browser obtain a valid certificate from this site during one request, and then sending the browser a crafted 502 response page upon a subsequent request.

Affected products

94
  • Microsoft/Ie5 versions
    cpe:2.3:a:microsoft:ie:5.0:sp1:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:microsoft:ie:5.0:sp1:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:ie:5.0:sp4:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:ie:5.22:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:ie:6.0:sp1:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:ie:6.0:sp2:*:*:*:*:*:*
  • Microsoft/Internet Explorer89 versions
    cpe:2.3:a:microsoft:internet_explorer:3.0:*:*:*:*:*:*:*+ 88 more
    • cpe:2.3:a:microsoft:internet_explorer:3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:3.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:3.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6.00.2900.2180:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6.00.3663.0000:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6.00.3790.0000:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6.00.3790.1830:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6.00.3790.3959:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:4.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:4.0.1:sp1:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:4.0.1:sp2:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:4.01:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:4.01:sp1:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:4.5:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:4.40.308:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:4.40.520:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:4.70.1155:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:4.70.1158:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:4.70.1215:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:4.70.1300:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:4.71.544:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:4.71.1008.3:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:4.71.1712.6:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:4.72.2106.8:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:4.72.3110.8:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:4.72.3612.1713:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp1:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp2:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp3:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp4:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.00.0518.10:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.00.0910.1309:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.00.2014.0216:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.00.2314.1003:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.00.2614.3500:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.00.2919.800:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.00.2919.3800:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.00.2919.6307:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.00.2920.0000:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.00.3103.1000:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.00.3105.0106:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.00.3314.2101:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.00.3315.1000:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.00.3502.1000:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.00.3700.1000:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.01:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.01:sp1:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.01:sp2:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.01:sp3:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.01:sp4:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.5:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.5:preview:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.5:sp1:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.5:sp2:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.50.3825.1300:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.50.4030.2400:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.50.4134.0600:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.50.4308.2900:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.50.4522.1800:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.50.4807.2300:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6.00.2462.0000:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6.00.2479.0006:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6.0.2600:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6.0.2800:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6.0.2800.1106:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6.00.2800.1106:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6.0.2900:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6.0.2900.2180:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:7.0:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:7.0:beta:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:7.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:7.0:beta3:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:7.0.5730.11:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:7.00.5730.1100:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:7.00.6000.16386:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:7.00.6000.16441:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

3

News mentions

0

No linked articles in our index yet.