CVE-2014-6938
The CVE concerns the Android app Apostilas musicais (com.apostilas) 1.0, which does not verify X.509 certificates from SSL servers. Root cause: missing certificate validation in TLS, enabling man‑in‑the‑middle attacks to spoof servers and capture sensitive data via a crafted certificate. No produ...