CVE-2014-6959
The CVE-2014-6959 entry concerns the QinCard (com.haowan.qincard) Android application version 2.0, which does not verify X.509 certificates from SSL servers. This failure enables man-in-the-middle attackers to spoof legitimate servers and extract sensitive information via a crafted certificate. T...