CVE-2009-3045
First published: Wed Sep 02 2009(Updated: )
Opera before 10.00 trusts root X.509 certificates signed with the MD2 algorithm, which makes it easier for man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted server certificate.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Opera | =7.23 | |
| Opera | =9.02 | |
| Opera | =7.53 | |
| Opera | =8.50 | |
| Opera | =9.51 | |
| Opera | =8.53 | |
| Opera | =9.12 | |
| Opera | =8.0 | |
| Opera | =8.54 | |
| Opera | =8.02 | |
| Opera | =9.20 | |
| Opera | =9.21 | |
| Opera | =8.51 | |
| Opera | =9.64 | |
| Opera | =7.60 | |
| Opera | =7.54 | |
| Opera | =9.22 | |
| Opera | =9.01 | |
| Opera | =9.0 | |
| Opera | =9.10 | |
| Opera | <=10.00 | |
| Opera | =8.52 | |
| Opera | =8.01 | |
| Opera | =9.52 | |
| Opera | =7.0 | |
| Web Browser for Android | <=10.00 | |
| Web Browser for Android | =7.0 | |
| Web Browser for Android | =7.23 | |
| Web Browser for Android | =7.53 | |
| Web Browser for Android | =7.54 | |
| Web Browser for Android | =7.60 | |
| Web Browser for Android | =8.0 | |
| Web Browser for Android | =8.01 | |
| Web Browser for Android | =8.02 | |
| Web Browser for Android | =8.50 | |
| Web Browser for Android | =8.51 | |
| Web Browser for Android | =8.52 | |
| Web Browser for Android | =8.53 | |
| Web Browser for Android | =8.54 | |
| Web Browser for Android | =9.0 | |
| Web Browser for Android | =9.01 | |
| Web Browser for Android | =9.02 | |
| Web Browser for Android | =9.10 | |
| Web Browser for Android | =9.12 | |
| Web Browser for Android | =9.20 | |
| Web Browser for Android | =9.21 | |
| Web Browser for Android | =9.22 | |
| Web Browser for Android | =9.51 | |
| Web Browser for Android | =9.52 | |
| Web Browser for Android | =9.64 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.opera.com/docs/changelogs/mac/1000/
- http://www.opera.com/docs/changelogs/freebsd/1000/
- http://www.opera.com/docs/changelogs/windows/1000/
- http://www.opera.com/support/kb/view/933/
- http://www.opera.com/docs/changelogs/linux/1000/
- http://www.opera.com/docs/changelogs/solaris/1000/
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6442
Frequently Asked Questions
What is the severity of CVE-2009-3045?
CVE-2009-3045 has been classified as a medium severity vulnerability due to its potential to allow man-in-the-middle attacks.
How do I fix CVE-2009-3045?
To mitigate CVE-2009-3045, upgrade your Opera browser to version 10.00 or higher, which addresses this vulnerability.
What versions of Opera are affected by CVE-2009-3045?
CVE-2009-3045 affects multiple versions of Opera, specifically those prior to version 10.00.
What type of attack does CVE-2009-3045 facilitate?
CVE-2009-3045 facilitates man-in-the-middle attacks by trusting root X.509 certificates signed with the MD2 algorithm.
What is the root cause of CVE-2009-3045?
The root cause of CVE-2009-3045 is the acceptance of compromised certificates that exploit the weakness of the MD2 hashing algorithm.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/weakness
- agent/severity
- agent/author
- agent/references
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- collector/nvd-historical
- agent/software-canonical-lookup-request
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- vendor/opera
- canonical/opera
- version/opera/7.23
- version/opera/9.02
- version/opera/7.53
- version/opera/8.50
- version/opera/9.51
- version/opera/8.53
- version/opera/9.12
- version/opera/8.0
- version/opera/8.54
- version/opera/8.02
- version/opera/9.20
- version/opera/9.21
- version/opera/8.51
- version/opera/9.64
- version/opera/7.60
- version/opera/7.54
- version/opera/9.22
- version/opera/9.01
- version/opera/9.0
- version/opera/9.10
- version/opera/10.00
- version/opera/8.52
- version/opera/8.01
- version/opera/9.52
- version/opera/7.0
- canonical/web browser for android
- version/web browser for android/10.00
- version/web browser for android/7.0
- version/web browser for android/7.23
- version/web browser for android/7.53
- version/web browser for android/7.54
- version/web browser for android/7.60
- version/web browser for android/8.0
- version/web browser for android/8.01
- version/web browser for android/8.02
- version/web browser for android/8.50
- version/web browser for android/8.51
- version/web browser for android/8.52
- version/web browser for android/8.53
- version/web browser for android/8.54
- version/web browser for android/9.0
- version/web browser for android/9.01
- version/web browser for android/9.02
- version/web browser for android/9.10
- version/web browser for android/9.12
- version/web browser for android/9.20
- version/web browser for android/9.21
- version/web browser for android/9.22
- version/web browser for android/9.51
- version/web browser for android/9.52
- version/web browser for android/9.64