2 matches found
CVE-2014-5865
The Ask.com aka com.ask.android application 2.2.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-5865
CVE-2014-5865 affects the Ask.com Android app (2.2.5). The underlying issue is that the app does not verify X.509 certificates when establishing SSL connections, enabling man-in-the-middle attackers to spoof servers and potentially access sensitive information via crafted certificates. This vulne...