CVE-2014-5881
The CVE-2014-5881 issue affects Yahoo! Japan Box for Android (jp.co.yahoo.android.ybox) where the app fails to verify SSL server certificates in versions up to 1.5.4 (and earlier), enabling man-in-the-middle attackers to decrypt or spoof traffic. Root cause: improper SSL certificate verification ...