CVE-2014-5883

The CVE-2014-5883 entry concerns the 7-ELEVEN Android app version 2.08.000 that does not verify X.509 certificates from SSL servers. Root cause: missing certificate verification enables MITM attackers to spoof servers and access sensitive information via crafted certificates. Documented impact is...