CVE-2014-6700

2014-09-23T21:55:13
ID CVE-2014-6700
Type cve
Reporter NVD
Modified 2014-10-04T20:07:29

Description

The NBA Game Time 2013-2014 (aka com.nbadigital.gametimelite) application 4.11 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.