CVE-2014-5884
The CVE-2014-5884 entry concerns the 1&1 Online Storage (aka de.einsundeins.smartdrive) Android app version 5.0.11, which fails to verify X.509 certificates when connecting to SSL servers. This enables man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted cer...