CVE-2014-5849
The CVE-2014-5849 entry concerns the Maleficent Free Fall Android app (package com.disney.maleficent_goo) v1.2.0. The vulnerability is failure to verify X.509 certificates when connecting to SSL servers, enabling MITM attackers to spoof servers and access sensitive data via a crafted certificate....