CVE-2014-6696
The CVE-2014-6696 entry concerns the Android app Candy Girl Party Makeover (com.bearhugmedia.android_candygirlparty) version 1.0.0.0, which does not verify X.509 certificates when establishing TLS connections. Root cause: missing server certificate validation, enabling man-in-the-middle attackers...