CVE-2014-5709

CVE-2014-5709 concerns the Android app Donut Maker (com.sunstorm.android.donut) version 1.27, which fails to verify X.509 certificates from SSL servers . This enables man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. The connected records ind...