Super-Bright LED Flashlight - Customized SSL, Dangerous filesystem permissions, WebView SSL handling enabled vulnerabilities

HackApp vulnerability scanner discovered that application Super-Bright LED Flashlight published at the 'play' market has multiple vulnerabilities...

Brightest LED Flashlight Free - Customized SSL, Dangerous filesystem permissions, Redefined SSL Common Names verifier vulnerabilities

HackApp vulnerability scanner discovered that application Brightest LED Flashlight Free published at the 'play' market has multiple vulnerabilities...

Brightest LED Flashlight - Base64 encoded String, Customized SSL, Dangerous filesystem permissions vulnerabilities

HackApp vulnerability scanner discovered that application Brightest LED Flashlight published at the 'play' market has multiple vulnerabilities...

CVE-2014-5644

The Brightest LED Flashlight aka com.intellectualflame.ledflashlight.washer application 1.2.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

CVE-2014-5644

The CVE-2014-5644 entry concerns The Brightest LED Flashlight (com.intellectualflame.ledflashlight.washer) Android app v1.2.4. The connected NVD/NVD-derived records state that the app does not verify X.509 certificates from SSL servers, enabling a man-in-the-middle scenario where an attacker coul...