1 results (0.001 seconds)
CVSS: 7.4EPSS: 0%CPEs: 2EXPL: 0
CVSS: 7.4EPSS: 0%CPEs: 2EXPL: 0CVE-2020-8987
https://notcve.org/view.php?id=CVE-2020-8987
09 Mar 2020 — Avast AntiTrack before 1.5.1.172 and AVG Antitrack before 2.0.0.178 proxies traffic to HTTPS sites but does not validate certificates, and thus a man-in-the-middle can host a malicious website using a self-signed certificate. No special action necessary by the victim using AntiTrack with "Allow filtering of HTTPS traffic for tracking detection" enabled. (This is the default configuration.) Avast AntiTrack versiones anteriores a 1.5.1.172 y AVG Antitrack versiones anteriores a 2.0.0.178, envían tráfico hacia... • https://www.avast.com/hacker-hall-of-fame/en/researcher-david-eade-reports-antitrack-bug-to-avast • CWE-295: Improper Certificate Validation •