CVE-2009-2068

Name of the Vulnerable Software and Affected Versions Google Chrome (affected versions not specified)

Description The issue allows man-in-the-middle attackers to execute arbitrary web script in an https site's context. This is possible by modifying an http page to include an https iframe that references a script file on an http site, related to "HTTP-Intended-but-HTTPS-Loadable (HPIHSL) pages."

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.