CVE-2014-7353
The CVE-2014-7353 entry concerns the JAZAN 24 Android app (com.jazan24.Mcreda) version 1.0 that fails to verify SSL X.509 certificates. The root cause is improper certificate validation, enabling man-in-the-middle attackers to spoof servers and extract sensitive information via a crafted certific...