4 matches found
CVE-2014-5610
The ce4arab market aka com.dreamstep.wce4arabmarket application 0.12.13093.40460 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
Information disclosure
The ce4arab market aka com.dreamstep.wce4arabmarket application 0.12.13093.40460 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-5610
The ce4arab market aka com.dreamstep.wce4arabmarket application 0.12.13093.40460 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-5610
The CVE-2014-5610 entry describes a vulnerability in the Android ce4arab market (com.dreamstep.wce4arabmarket) app version 0.12.13093.40460 where TLS/SSL X.509 certificate verification is not performed by the client, enabling a man-in-the-middle to spoof servers and obtain sensitive information v...