CVE-2014-6766
The CVE-2014-6766 issue affects the Afro-Beat (com.zero.themelock.tambourine) Android app version 0.2, where the client does not verify X.509 certificates from SSL servers. This permits man-in-the-middle attackers to spoof legitimate servers and extract sensitive information via a crafted certifi...