Personal Banking - Customized SSL, External URLs, KeyStore usage vulnerabilities

HackApp vulnerability scanner discovered that application Personal Banking published at the 'play' market has multiple vulnerabilities...

Hang Seng Personal Banking - Customized SSL, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Hang Seng Personal Banking published at the 'play' market has multiple vulnerabilities...

Design/Logic Flaw

The Santander Personal Banking aka com.sovereign.santander application 2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

CVE-2014-6877

The CVE-2014-6877 entry concerns the Santander Personal Banking Android app (version 2.1). The connected records confirm the root cause: the application does not verify X.509 certificates presented by SSL servers, which enables man-in-the-middle attackers to spoof servers and extract sensitive in...

CVE-2014-6877

The Santander Personal Banking aka com.sovereign.santander application 2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...