EUVD-2014-5810

Malware in sbrugna...

Information disclosure

The Facebook Status Via aka com.StatusViaAdvanced application 3.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

CVE-2014-5923

The CVE-2014-5923 entry concerns the Facebook Status Via (com.StatusViaAdvanced) Android app version 3.5, which does not verify X.509 certificates from SSL servers. The underlying flaw allows MITM attackers to spoof servers and obtain sensitive information via a crafted certificate. The NVD entry...