2 matches found
CVE-2014-6887
The EXPRESS aka com.gpshopper.express.android application 2.5.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-6887
The CVE-2014-6887 entry affects the Android app EXPRESS (com.gpshopper.express.android) version 2.5.3. The root cause is that the app does not verify X.509 certificates when connecting to SSL servers, enabling man-in-the-middle attackers to spoof servers and obtain sensitive information via a cra...