EUVD-2020-29817

Malware in sbrugna...

Avast AntiTrack and AVG Technologies Antitrack Trust Management Issue Vulnerabilities

Avast AntiTrack is a suite of antivirus software from the Czech company Avast.AVG Technologies Antitrack is a suite of antivirus software from the Czech company AVG Technologies. A trust management issue vulnerability exists in Avast AntiTrack versions prior to 1.5.1.172 and AVG Technologies...

CVE-2020-8987

Avast AntiTrack before 1.5.1.172 and AVG Antitrack before 2.0.0.178 proxies traffic to HTTPS sites but does not validate certificates, and thus a man-in-the-middle can host a malicious website using a self-signed certificate. No special action necessary by the victim using AntiTrack with "Allow...

CVE-2020-8987

Avast AntiTrack before 1.5.1.172 and AVG Antitrack before 2.0.0.178 proxies traffic to HTTPS sites but does not validate certificates, and thus a man-in-the-middle can host a malicious website using a self-signed certificate. No special action necessary by the victim using AntiTrack with "Allow...

Default configuration

Avast AntiTrack before 1.5.1.172 and AVG Antitrack before 2.0.0.178 proxies traffic to HTTPS sites but does not validate certificates, and thus a man-in-the-middle can host a malicious website using a self-signed certificate. No special action necessary by the victim using AntiTrack with "Allow...

CVE-2020-8987

Avast AntiTrack before 1.5.1.172 and AVG Antitrack before 2.0.0.178 proxies traffic to HTTPS sites but does not validate certificates, and thus a man-in-the-middle can host a malicious website using a self-signed certificate. No special action necessary by the victim using AntiTrack with "Allow...

CVE-2020-8987

The CVE-2020-8987 issue affects Avast AntiTrack (before 1.5.1.172) and AVG Antitrack (before 2.0.0.178). The root problem is that these products proxy HTTPS traffic but do not validate certificates, allowing a man-in-the-middle to host a malicious site using a self-signed certificate. This risk i...