CVE-2014-5902

The CVE-2014-5902 entry concerns the UA Cinemas - Mobile ticketing (aka com.mtel.uacinemaapps) Android app version 2.9, which fails to verify X.509 certificates from SSL servers. This omission enables man-in-the-middle attackers to spoof servers and extract sensitive information via a crafted cer...