CVE-2014-5870
The CVE-2014-5870 entry concerns the Kmart (com.kmart.android) Android app version 6.2.8. The connected documents confirm that the app does not verify X.509 certificates from SSL servers, enabling man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certific...