CVE-2014-7767
The CVE-2014-7767 entry documents a vulnerability in the A+ (cn.xrzcm) Android app version 1.0.1 where SSL/TLS does not verify X.509 certificates. This allows MITM attackers to spoof servers and obtain sensitive information via a crafted certificate. The connected sources (NVD/NVD-based records a...