Moxie Marlinspike demonstrated in July 2009 that some CAs would
sign certificates that contain embedded NUL characters in the
Common Name or subjectAltName fields of ITU-T X.509
certificates.
Applications that treat such X.509 strings as NUL-terminated C
strings (rather than as strings that carry an explicit length
field) check only the part up to and excluding the NUL
character, so that a certificate name such as
www.good.example\0www.bad.example.com is mistaken for a
certificate name for www.good.example. fetchmail also had this
design and implementation flaw.
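
The truncation described above, shown as an added example (not fetchmail's
own code): a comparison that ignores the length field next to one that
honours it. The function names are hypothetical, and matching is reduced to
a case-insensitive exact match with no wildcard handling.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample: the name from the advisory as raw string bytes
 * plus an explicit length, the way an X.509 string field carries it. */
static const unsigned char SAMPLE_CN[] = "www.good.example\0www.bad.example.com";
#define SAMPLE_CN_LEN (sizeof(SAMPLE_CN) - 1)

/* Flawed pattern: treats the field as a C string, so everything after
 * the first NUL byte is never looked at. Returns 1 on match. */
int name_matches_cstring(const unsigned char *data, size_t len, const char *host)
{
    (void)len; /* the length field is ignored: this is the bug */
    return strcmp((const char *)data, host) == 0;
}

/* Hardened pattern (hypothetical helper): returns -1 if the field
 * contains a NUL byte anywhere within its declared length, 1 on a
 * case-insensitive exact match, 0 otherwise. */
int name_matches_checked(const unsigned char *data, size_t len, const char *host)
{
    size_t i;

    if (memchr(data, '\0', len) != NULL)
        return -1; /* embedded NUL: reject the certificate name outright */
    if (len != strlen(host))
        return 0;  /* declared length must equal the hostname length */
    for (i = 0; i < len; i++)
        if (tolower(data[i]) != tolower((unsigned char)host[i]))
            return 0;
    return 1;
}

int main(void)
{
    const char *host = "www.good.example";

    printf("C-string compare: %d\n",
           name_matches_cstring(SAMPLE_CN, SAMPLE_CN_LEN, host));
    printf("length-aware compare: %d\n",
           name_matches_checked(SAMPLE_CN, SAMPLE_CN_LEN, host));
    return 0;
}
```

A caller should treat the -1 result as a verification failure for the whole
certificate rather than moving on to the next name field.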