CVE-2014-7036
CVE-2014-7036 affects the Quest Federal CU Mobile Android application (package com.metova.cuae.questfcu), version 1.0.27. The app does not verify X.509 certificates for SSL/TLS connections, enabling man-in-the-middle attackers to spoof servers and obtain sensitive information through a crafted ce...