CVE-2014-5765
The CVE-2014-5765 entry concerns the Paint for Friends (de.lotumlabs.buddypainting) Android app version 1.5.1, which does not verify X.509 certificates when establishing SSL connections. This behavior can allow man-in-the-middle attackers to spoof servers and recover sensitive information via a c...