CVE-2017-5905
The CVE-2017-5905 entry concerns the Dollar Bank Mobile app for iOS (version 2.6.3). The vulnerability is that the app does not verify X.509 certificates from SSL servers, which enables a man-in-the-middle attacker to spoof the legitimate server and obtain sensitive information via a crafted cert...