2 matches found
Kaspersky: Web protection component in Anti-Virus products family uses predictable links for certificate warnings
Summary Websites can predict links used in certificate warnings, Safe Money prompts, anti-phishing warnings and similar pages. This allows them to initiate actions without the user's knowledge. Description The links used to override certificate warnings have the following format: https:///?kiscup...
Kaspersky: Certificate warnings and similar UI elements in Web protection of Anti-Virus products family are susceptible to clickjacking
Summary Clickjacking can be used to trick users into overriding certificate warnings, disabling Safe Money functionality or phishing alerts. Description On certificate warning pages, a single click is sufficient to trigger overriding a wrong certificate. While an additional warning is displayed...