CVE-2014-7376
CVE-2014-7376 concerns the Android app Facebook Profits on Steroids (com.wFacebookProfitsonSteroids) version 0.1, which fails to validate X.509 certificates when connecting to SSL servers. This weakens transport security by enabling MITM attackers to spoof servers and obtain sensitive information...