CVE-2014-5862
The CVE-2014-5862 entry concerns the ecalendar2 (cn.etouch.ecalendar2) Android app version 4.5.3, which does not verify X.509 certificates from SSL servers. This enables man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. The vulnerability is d...