CVE-2014-5878

The ium aka net.ium.mobile.android application 3.3.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

CVE-2014-5878

The ium (net.ium.mobile.android) Android app, version 3.3.4, does not verify X.509 certificates from SSL servers, enabling MITM attackers to spoof servers and obtain sensitive information via crafted certificates. Affected component is the TLS certificate validation logic; root cause is lack of s...