CVE-2014-6977
The affected software is the Android eLearn application (package com.desire2learn.campuslife.chattanoogastate.edu.directory) version 1.0.649.1194. The root cause is failure to verify X.509 certificates for SSL servers, which enables man-in-the-middle attackers to spoof servers and read sensitive ...