iLove - Free Dating & Chat App - Customized SSL, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application iLove - Free Dating & Chat App published at the 'play' market has multiple vulnerabilities...

CVE-2014-5649

The iLove - Free Dating & Chat App aka com.jestadigital.android.ilove application 1.3.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

Design/Logic Flaw

The iLove - Free Dating & Chat App aka com.jestadigital.android.ilove application 1.3.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

CVE-2014-5649

The iLove - Free Dating & Chat App aka com.jestadigital.android.ilove application 1.3.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

CVE-2014-5649

The CVE-2014-5649 entry concerns the iLove - Free Dating & Chat App (com.jestadigital.android.ilove) for Android, version 1.3.3, where the app does not verify X.509 certificates from SSL servers. This behaves as a certificate validation flaw that can let man-in-the-middle attackers spoof servers ...