CVE-2014-7628

The CVE-2014-7628 entry concerns the Acorn Comms Android application (version 3.0) that does not verify X.509 certificates from SSL servers. Root cause: missing certificate verification enabling man-in-the-middle attacks to spoof servers and exfiltrate sensitive information via a crafted certific...