2 matches found
CVE-2014-5971
The CVE-2014-5971 entry concerns the Fiksu library for Android failing to verify X.509 certificates from SSL servers, enabling MITM attackers to spoof servers and obtain sensitive information via a crafted certificate. The NVD description confirms the lack of certificate verification as the root ...
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-5971, CVE-2014-5984. Reason: this ID was intended for one issue, but was assigned to two issues by a CNA. Notes: All CVE users should consult CVE-2014-5971 and CVE-2014-5984 to determine which ID is appropriate. All reference...