CVE-2014-7402

CVE-2014-7402 affects the Android app SK encar (com.encardirect.app). The root cause is failure to verify X.509 certificates from SSL servers, enabling potential MITM attackers to spoof servers and obtain sensitive information via a crafted certificate. No explicit remediation is provided in the ...