CVE-2014-6909
CVE-2014-6909 affects the Coca-Cola FM Peru Android app (com.enyetech.radio.coca_cola.fm_pe) version 2.0.41716, which does not verify X.509 certificates from SSL servers. This allows Man‑in‑the‑Middle attackers to spoof servers and obtain sensitive information via a crafted certificate. The base ...