Microsoft Corporation

Updated:  December 31, 2008

Statement Date:   December 30, 2008

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

Please see Microsoft Security Advisory (961509): http://www.microsoft.com/technet/security/advisory/961509.mspx

Addendum

There are no additional comments at this time.

Mozilla

Updated:  December 31, 2008

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Please see the following Mozilla Security Blog post for more information: http://blog.mozilla.com/security/2008/12/30/md5-weaknesses-could-lead-to-certificate-forgery/

Verisign

Updated:  December 31, 2008

Statement Date:   December 30, 2008

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Tim Callan of Verisign has posted the following blog entry: https://blogs.verisign.com/ssl-blog/2008/12/on_md5_vulnerabilities_and_mit.php