CVE-2014-7104
The CVE-2014-7104 entry concerns the gymnoOVP (iOVP) Android app (version 1.2) that does not verify X.509 certificates when connecting to SSL servers. This weakens transport security and can enable man-in-the-middle attackers to spoof servers and access sensitive information via crafted certifica...