CVE-2014-5976

The CVE-2014-5976 entry concerns the Android Alibaba (com.alibaba.wireless) app version 4.1.0.0, which does not verify X.509 certificates from SSL servers. This enables MITM attackers to spoof servers and obtain sensitive information via a crafted certificate. CVSS2 base score 5.4 (Medium) with p...