CVE-2014-5856

The CVE-2014-5856 entry concerns the Android app “Selfie Camera -Facial Beauty-” (package com.cfinc.cunpic) version 1.2.7. The root cause is failure to verify X.509 certificates from SSL servers, allowing MITM attackers to spoof servers and read sensitive information via a crafted certificate. Af...