CVE-2014-7740
The CVE-2014-7740 entry concerns the Android app Pony Magazine (com.triactivemedia.ponymagazine) where SSL/TLS servers are not verified via X.509 certificates. The root cause is missing certificate validation, enabling man-in-the-middle attackers to spoof servers and access sensitive information ...