CVE-2014-5920
The CVE-2014-5920 entry concerns the VK Amberfog (com.amberfog.vkfree) Android app version 3.5.6 that fails to verify X.509 certificates from SSL servers. This creates an opportunity for MITM attackers to spoof servers and exfiltrate sensitive information via a crafted certificate. The vulnerabil...