CVE-2014-6017
The CVE-2014-6017 entry concerns The Doodle Drop (aka net.lazyer.DoodleDrop) Android app 1, which does not verify X.509 certificates from SSL servers. This misconfiguration enables MITM attackers to spoof servers and exfiltrate sensitive information via crafted certificates. The vulnerability is ...