CVE-2014-6793
The CVE-2014-6793 entry concerns the Android app The Arch Friend (com.xyproto.archfriend) version 0.4.2. The vulnerability is that the app does not verify X.509 certificates from SSL servers, enabling man-in-the-middle attackers to spoof servers and exfiltrate sensitive data via a crafted certifi...