3 matches found
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-7046, CVE-2014-7047. Reason: this ID was intended for one issue, but was assigned to two issues by a CNA. Notes: All CVE users should consult CVE-2014-7046 and CVE-2014-7047 to determine which ID is appropriate. All reference...
CVE-2014-6915
Connected records contain concrete details: CVE-2014-7046 (George Wassouf app 1.0) and CVE-2014-7047 (Ocean Avenue Mobile Pro 2.0) describe Android applications that do not verify X.509 certificates from SSL servers, enabling potential MITM with crafted certificates. The provided documents do not...
CVE-2014-7046
The George Wassouf aka com.devkhr32.georgewassouf application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...