4 matches found
CamDictionary - Customized SSL, Redefined SSL Common Names verifier, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application CamDictionary published at the 'play' market has multiple vulnerabilities...
CVE-2014-7749
The CamDictionary aka com.intsig.camdict application 2.3.0.20131118 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
Design/Logic Flaw
The CamDictionary aka com.intsig.camdict application 2.3.0.20131118 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-7749
The CVE-2014-7749 entry concerns the CamDictionary Android app (package com.intsig.camdict) version 2.3.0.20131118, which does not verify X.509 certificates from SSL servers. This weakens SSL/TLS and can enable man-in-the-middle attackers to spoof servers and access sensitive information via a cr...