Notified: February 20, 2015 Updated: February 23, 2015
Affected
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
StaffCop version 5.8 is affected.
Notified: March 17, 2015 Updated: March 17, 2015
Affected
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
DyKnow version 5.7 is affected.
Notified: February 22, 2015 Updated: February 22, 2015
Affected
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Infoweise SecureTeen Windows Parental Control is affected.
Notified: February 19, 2015 Updated: February 23, 2015
Affected
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
KeepMyFamilySecure is affected.
Notified: February 19, 2015 Updated: March 02, 2015
Statement Date: March 01, 2015
Affected
http://www.komodia.com/security-notice
We are not aware of further vendor information regarding this vulnerability.
Komodia Redirector with SSL Digestor is affected.
Updated: February 20, 2015
Affected
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: February 20, 2015 Updated: February 25, 2015
Statement Date: February 23, 2015
Affected
Here's the official statement from the company (on our website), announcing the updated release which is now live: http://webcompanion.com/komodia-vulnerability-statement
* For the past year, Lavasoft was developing and testing a new security feature in Ad-Aware Web Companion to scan and eliminate malicious content/advertising in HTTPS traffic, including content injected by internet proxies installed on the PC. * This functionality was implemented with one of Komodia's public SDKs (the SSL Digestor). At no point was any encrypted information collected or analyzed. All analysis of incoming traffic to eliminate security risks was performed on the end-user's PC. * Several weeks prior to the public announcement of the root CA certificate vulnerability, and upon consultation with our partners and evaluation of the risks/benefits, Lavasoft took the decision to remove the functionality that required the SSL Digestor. * Lavasoft's most recent release of Ad-Aware Web Companion (released on February 18th 2015) does not include this capability, but we have confirmed that the compromised component of the Komodia SSL Digestor is still present. A new release of Web Companion will be issued imminently to correct this, with all end-users being notified of the update via the product. In the interim, the root CA certificate issued to "Lavasoft Limited" can be removed manually without consequences to the product. * Ad-Aware AdBlocker (alpha) 1.3.69.1 is an unreleased and unsupported product. Alpha testers who have not uninstalled it by now are instructed to do so immediately, and to manually check to ensure the root CA certificate has been deleted as we cannot guarantee the effectiveness of the uninstaller in this pre-released version.
Lavasoft Ad-Aware Web Companion 1.1.885.1766 and Ad-Aware AdBlocker (alpha) 1.3.69.1 are affected.
Notified: February 19, 2015 Updated: February 23, 2015
Statement Date: February 19, 2015
Affected
Please refer to our security advisory posted here: http://support.lenovo.com/us/en/product_security/superfish
We are not aware of further vendor information regarding this vulnerability.
For a list of affected Lenovo products, please visit the security advisory provided in the vendor statement.
Notified: February 19, 2015 Updated: February 26, 2015
Statement Date: February 20, 2015
Affected
http://www.qustodio.com/en/blog/2015/02/qustodio-publishes-security-fix-windows-component-vulnerability
We are not aware of further vendor information regarding this vulnerability.
Qustodio for Windows is affected.
Notified: February 19, 2015 Updated: February 23, 2015
Affected
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Superfish Visual Discovery is affected.
Notified: March 02, 2015 Updated: March 02, 2015
Affected
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
UtilTool Antivirus version 3.3.71 is affected.
Notified: February 20, 2015 Updated: February 26, 2015
Statement Date: February 25, 2015
Affected
Yesterday we released an update update to our software (Easy-Hide-IP VPN 3.0.2) that includes an updated version of Komodia WITHOUT the SSL component. The SSL component was used in Easy-Hide-IP Classic 5.0.0.3 to filter prvacy risks but is no longer included in the latest version application. Existing Easy-Hide-IP users are now being migrated to the combined VPN/Classic client and the old client is being retired. The Komodia team have assured us that this version is 100% clear of any SSL modification. Please let us know if you have any questions or comments.
We are not aware of further vendor information regarding this vulnerability.
Easy Hide IP Classic version 5.0.0.3.1 is affected.