CVE-2009-3044

Name of the Vulnerable Software and Affected Versions: Opera versions prior to 10.00

Description: The issue arises from improper handling of certain characters in a domain name within the subject's Common Name (CN) field of an X.509 certificate. Specifically, it involves the handling of (1) '0' characters or (2) invalid wildcard characters. This could allow man-in-the-middle attackers to spoof arbitrary SSL servers by using a crafted certificate that is issued by a legitimate Certification Authority.

Recommendations: For Opera versions prior to 10.00, update to version 10.00 or later to resolve the issue.