CVE-2014-6642
The CVE concerns the Android app for The Mark’s Daily Apple Forum (com.tapatalk.marksdailyapplecomforum) v2.4.9.3, where the implementation does not verify X.509 certificates from SSL servers. This lack of certificate verification enables man-in-the-middle attackers to spoof servers and exfiltrat...