Mini Pets - Customized SSL, Dangerous filesystem permissions, Redefined SSL Common Names verifier vulnerabilities

HackApp vulnerability scanner discovered that application Mini Pets published at the 'play' market has multiple vulnerabilities...

CVE-2014-5817

The Mini Pets aka com.miniclip.animalshelter application 2.0.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

Information disclosure

The Mini Pets aka com.miniclip.animalshelter application 2.0.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

CVE-2014-5817

The CVE-2014-5817 entry concerns the Android app Mini Pets (com.miniclip.animalshelter) v2.0.3, where SSL/TLS does not verify X.509 certificates. This causes MITM risk, allowing an attacker to spoof servers and extract sensitive data via a crafted certificate. The description, as provided in the ...

CVE-2014-5817

The Mini Pets aka com.miniclip.animalshelter application 2.0.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...