CVE-2014-5882

The CVE-2014-5882 entry describes the Homoo Ijiri (jp.co.applica) Android app v3.7 failing to verify SSL X.509 certificates, enabling man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Impact: partial confidentiality. Mitigation/patch details ...