Unrated severityNVD Advisory· Published Mar 9, 2020· Updated Aug 4, 2024
CVE-2020-8987
CVE-2020-8987
Description
Avast AntiTrack before 1.5.1.172 and AVG Antitrack before 2.0.0.178 proxies traffic to HTTPS sites but does not validate certificates, and thus a man-in-the-middle can host a malicious website using a self-signed certificate. No special action necessary by the victim using AntiTrack with "Allow filtering of HTTPS traffic for tracking detection" enabled. (This is the default configuration.)
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Avast/AntiTrackdescription
Patches
Vulnerability mechanics
References
2- www.avast.com/hacker-hall-of-fame/en/researcher-david-eade-reports-antitrack-bug-to-avastmitrex_refsource_CONFIRM
- www.davideade.com/2020/03/avast-antitrack.htmlmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.