The NTV News24 prior to Ver.3.0.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
[
{
"product": "NTV News24",
"vendor": "Nippon Television Network Corporation",
"versions": [
{
"status": "affected",
"version": "prior to Ver.3.0.0"
}
]
}
]