Summary
The host is installed with Microsoft Windows operating system and is prone to spoofing vulnerability.
This NVT has been superseded by KB2718704 Which is addressed in NVT gb_unauth_digital_cert_spoofing_vuln.nasl (OID:1.3.6.1.4.1.25623.1.0.802634).
Impact
Successful exploitation will allow remote attackers to spoof content, perform phishing attacks or perform man-in-the-middle attacks against all Web browser users including users of Internet Explorer.
Impact Level: System
Solution
Apply the Patch from below link,
For updates refer to http://support.microsoft.com/kb/2641690
Insight
The flaw is due to an error when handling the fraudulent digital certificates issued by Entrust and GTE CyberTrust. It is not properly validating its identity.
Affected
Windows 7 Service Pack 1 and prior
Windows XP Service Pack 3 and prior
Windows Vista Service Pack 2 and prior
Windows Server 2003 Service Pack 2 and prior
Windows Server 2008 Service Pack 2 and prior
References