CVE-2014-7714

The CVE-2014-7714 entry concerns the Android application ibon (aka tw.net.pic.mobi) version 3.2.1, which does not verify X.509 certificates from SSL servers. This flaw enables man-in-the-middle attackers to spoof legitimate servers and obtain sensitive information via a crafted certificate. Multi...