CVE-2014-6011
The CVE-2014-6011 entry concerns the Android application cutprice (aka kr.co.wedoit.cutprice) version 1.0.4, which does not verify X.509 SSL certificates. This weakens TLS, enabling man-in-the-middle attackers to spoof servers and exfiltrate sensitive information via a crafted certificate. No rem...