3 matches found
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-7046, CVE-2014-7047. Reason: this ID was intended for one issue, but was assigned to two issues by a CNA. Notes: All CVE users should consult CVE-2014-7046 and CVE-2014-7047 to determine which ID is appropriate. All reference...
CVE-2014-6915
Connected records contain concrete details: CVE-2014-7046 (George Wassouf app 1.0) and CVE-2014-7047 (Ocean Avenue Mobile Pro 2.0) describe Android applications that do not verify X.509 certificates from SSL servers, enabling potential MITM with crafted certificates. The provided documents do not...
CVE-2014-7047
The CVE-2014-7047 entry concerns the Ocean Avenue Mobile Pro Android app (com.oceanavenue.mobile) version 2.0, which does not verify X.509 certificates from SSL servers. This flaw enables man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. The ...