CVE-2014-5887
CVE-2014-5887 concerns the Yell Local Search app (com.yell.launcher2) for Android, version 4.2.1.4, which does not verify X.509 certificates from SSL servers. Root cause: SSL certificate validation is not performed, enabling man-in-the-middle attackers to spoof servers and potentially access sens...