CVE-2014-7695
CVE-2014-7695 affects the Android app easaa Baoneng (com.easaa.baoneng) 1.0. The vulnerability is a failure to verify X.509 certificates from SSL servers, enabling a man-in-the-middle attacker to spoof servers and exfiltrate sensitive data via a crafted certificate. The connected sources confirm ...