CVE-2009-2511 vulnerability in Microsoft Products
Published on October 14, 2009

Integer overflow in the CryptoAPI component in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows man-in-the-middle attackers to spoof arbitrary SSL servers and other entities via an X.509 certificate that has a malformed ASN.1 Object Identifier (OID) and was issued by a legitimate Certification Authority, aka "Integer Overflow in X.509 Object Identifiers Vulnerability."

Vendor Advisory NVD

Products Associated with CVE-2009-2511

Want to know whenever a new CVE is published for Microsoft products? stack.watch will email you.

Microsoft Windows Server 2008

Microsoft Windows XP

Microsoft Windows 2000

Microsoft Windows 7

Microsoft Windows Vista

Microsoft Windows Server 2003

Exploit Probability

EPSS

14.51%

Percentile

94.35%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2009-2511 vulnerability in Microsoft ProductsPublished on October 14, 2009

Products Associated with CVE-2009-2511

Exploit Probability

CVE-2009-2511 vulnerability in Microsoft Products
Published on October 14, 2009