Test ID:	1.3.6.1.4.1.25623.1.0.803007
Category:	Windows
Title:	Microsoft Windows Minimum Certificate Key Length Spoofing Vulnerability (2661254)
Summary:	Microsoft Windows operating system is prone to digital certificate key length spoofing vulnerability.
Description:	Summary: Microsoft Windows operating system is prone to digital certificate key length spoofing vulnerability. Vulnerability Insight: The private keys used in digital certificate with RSA keys less than 1024 bits in length can be derived and could allow an attacker to duplicate the certificates. An duplicate certificate could be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. Vulnerability Impact: Successful exploitation will allow remote attackers to spoof content, perform phishing attacks or perform man-in-the-middle attacks. Affected Software/OS: - Microsoft Windows XP x32 Edition Service Pack 3 and prior - Microsoft Windows XP x64 Edition Service Pack 2 and prior - Microsoft Windows 7 x32/x64 Edition Service Pack 1 and prior - Microsoft Windows 2003 x32/x64 Edition Service Pack 2 and prior - Microsoft Windows Vista x32/x64 Edition Service Pack 2 and prior - Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior - Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 and prior Solution: Apply the patch from the referenced advisory. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Copyright	Copyright (C) 2012 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.