CVE-2010-3900

Name of the Vulnerable Software and Affected Versions Midori versions prior to 0.2.5

Description The issue allows man-in-the-middle attackers to spoof arbitrary https web sites via a crafted server certificate, because it does not verify X.509 certificates when using WebKitGTK+ before 1.1.14 or LibSoup before 2.29.91.

Recommendations For Midori versions prior to 0.2.5, update to version 0.2.5 or later to resolve the issue.