CVE-2014-5546
The Africa Memory Android application (package AfricaMemory, version 1.0.1) does not verify X.509 certificates from SSL servers, allowing man-in-the-middle attackers to spoof servers and obtain sensitive information. Root cause: missing SSL certificate validation. Impact: partial confidentiality ...