CVE-2009-0089

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to the fixed version

Description A spoofing issue exists due to incomplete validation of the distinguished name in a digital certificate. This can be combined with other attacks, such as DNS spoofing, allowing an attacker to spoof a digital certificate of a website for applications using Windows HTTP Services.

Recommendations For Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, and Vista Gold, update to a version that includes the fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.