N/A

The SDK for Komodia Redirector with SSL Digestor, as used in Lavasoft Ad-Aware Web Companion 1.1.885.1766 and Ad-Aware AdBlocker (alpha) 1.3.69.1, Qustodio for Windows, Atom Security, Inc. StaffCop 5.8, and other products, uses the same X.509 certificate private key for a root CA certificate across different customers' installations, which makes it easier for man-in-the-middle attackers to spoof SSL servers by leveraging knowledge of this key, as originally reported for Superfish VisualDiscovery on certain Lenovo Notebook laptop products.

N/A

N/A

Komodia SDK for Komodia Redirector with SSL Digestor 信息泄露漏洞

Komodia SDK for Komodia Redirector with SSL Digestor是以色列Komodia公司的一套使用SSL加密和动态SSL解密执行数据的重定向平台工具。 多款Lavasoft产品中使用的SDK for Komodia Redirector with SSL Digestor中存在安全漏洞，该漏洞源于程序在不同用户的root CA证书安装过程中使用相同的X.509证书私钥。远程攻击者可借助已知的私钥利用该漏洞实施中间人攻击，伪造数据，欺骗服务器。以下产品受到影响：La

N/A

N/A