CVE-2014-7090
The affected software is the Android app MyVCCCD (package name com.dub.app.ventura ) version 1.4.14 . The vulnerability is a failure to verify TLS/SSL certificates: the app does not verify X.509 certificates from SSL servers. Root cause: missing certificate validation logic enables an attacker to...