CVE-2014-6659
The CVE-2014-6659 entry concerns the Android Defence.pk (com.tapatalk.defencepkforums) app, version 2.4.13.1, which does not verify X.509 certificates when connecting to SSL servers. The underlying issue is the app’s failure to validate server certificates, enabling man-in-the-middle attackers to...