Design/Logic Flaw

The Human Factor aka com.magzter.thehumanfactor application 3.01 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

CVE-2014-7107

The CVE-2014-7107 entry concerns The Human Factor (com.magzter.thehumanfactor) Android app version 3.01, which fails to verify X.509 certificates from SSL servers. Root cause: missing certificate validation in the app’s SSL/TLS handling. Impact: potential MITM where an attacker could spoof the se...