CVE-2014-5620
The CVE-2014-5620 entry concerns the Android app Office Jerk Free (com.fluik.OfficeJerkFree) version 1.7.13, which does not verify X.509 certificates from SSL servers. Root cause: missing certificate validation in the TLS stack, enabling man-in-the-middle attackers to spoof servers and obtain sen...