CVE-2014-7042
The CVE refers to the My nTelos (com.telespree.ntelospostpay) Android app, version 1.1.2, which does not verify X.509 certificates from SSL servers, enabling MITM attackers to spoof servers and obtain sensitive information via a crafted certificate. This is the concrete vulnerability described ac...