Design/Logic Flaw
Android OS before 2.2 does not display the correct SSL certificate in certain cases, which might allow remote attackers to spoof trusted web sites via a web page containing references to external sources in which 1 the certificate of the last loaded resource is checked, instead of for the main...