2 matches found
CVE-2014-7048
The Bear ID Lock aka com.wBearIDLock application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-7048
The CVE-2014-7048 entry concerns the Android app Bear ID Lock (com.wBearIDLock) , version 0.1. The vulnerability is that the app does not verify X.509 certificates from SSL servers, which allows a man‑in‑the‑middle attacker to spoof servers and obtain sensitive information via a crafted certifica...