CVE-2014-5994
The CVE-2014-5994 entry concerns the Android app “ding* ezetop. Top-up Any Phone” (package com.ezetop.world) version 1.3.4, where SSL validation is not performed for X.509 certificates. This permits MITM attackers to spoof servers and capture sensitive information via a crafted certificate. The c...