CVE-2014-5939

The travelzadcomvb aka com.tapatalk.travelzadcomvb application 3.3.10 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

CVE-2014-5939

The CVE-2014-5939 entry concerns the Android app travelzadcomvb (com.tapatalk.travelzadcomvb) version 3.3.10. The root cause is the app not verifying X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certi...