CVE-2014-5949
The CVE-2014-5949 entry concerns the Android app “The TICKET APP - Concerts & Sports” (com.xcr.android.ticketapp) version 3.0.1. It does not verify X.509 certificates from SSL servers, allowing man‑in‑the‑middle attackers to spoof servers and obtain sensitive information via a crafted certificate...