It looks like it uses a chosen plain text attack that exploits the multiplexing of multiple requests over the same SSL socket level connection that by design share the same key.