2 matches found
CVE-2014-7756
The Radiohead fan aka nl.jborsje.android.bandnews.radiohead application 4.6.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-7756
The Radiohead fan (nl.jborsje.android.bandnews.radiohead) Android app version 4.6.2 fails to verify X.509 certificates over TLS, allowing MITM attackers to spoof servers and obtain sensitive data via crafted certificates. The root cause is missing certificate validation in the app’s SSL/TLS handl...