2 matches found
CVE-2014-5644
The Brightest LED Flashlight aka com.intellectualflame.ledflashlight.washer application 1.2.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-5644
The CVE-2014-5644 entry concerns The Brightest LED Flashlight (com.intellectualflame.ledflashlight.washer) Android app v1.2.4. The connected NVD/NVD-derived records state that the app does not verify X.509 certificates from SSL servers, enabling a man-in-the-middle scenario where an attacker coul...