CVE-2014-7085
The CVE-2014-7085 entry concerns the Android app i Newspaper (com.independent.thei, package @7F080184). The vulnerability is that it does not verify X.509 certificates from SSL servers, enabling man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificat...