2 matches found
CVE-2014-7348
The HOT CARS aka com.magzter.hotcars application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-7348
The CVE-2014-7348 entry concerns the HOT CARS (com.magzter.hotcars) Android app v3.0, where the client does not verify X.509 certificates from SSL servers. This weakens TLS guarantees and enables MITM attackers to spoof servers and exfiltrate sensitive data via crafted certificates. Documented im...