CVE-2014-5756
The CVE-2014-5756 entry concerns the Android app “Buy 99 Cents Only Products” (com.ww99CentsOnlyStores) version 0.1, which does not validate X.509 certificates when connecting to SSL servers. This creates a susceptibility to man-in-the-middle attacks where a crafted certificate can spoof servers ...