2 matches found
CVE-2014-6838
The Groupama toujours la aka com.groupama.toujoursla application 1.3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-6838
The CVE-2014-6838 entry concerns the Groupama Toujours la app (com.groupama.toujoursla) for Android version 1.3.0, where X.509 certificate validation for SSL servers is not performed. This insecure cert handling can allow man-in-the-middle attackers to spoof servers and exfiltrate sensitive infor...