CVE-2014-7392
The CVE refers to the Android app Russian Federation Traffic Rules (com.russia.pdd), version 1.21, which does not verify X.509 certificates from SSL servers. This misconfiguration allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. The u...