It appears that many browsers will gladly accept wildcard certificates for IP addresses versus expecting proper domain names for the CN. This is,.. well, very interesting and violates RFC 2818.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/93249/wp-10-0001.txt
Source: https://packetstormsecurity.com/files/93249/Multiple-Browser-Wildcard-Cerficate-Validation-Weakness.html