3 matches found
CVE-2014-7309
The Where2Stop-Cardlocks-Free aka appinventor.aikidatheart99.Where2StopCardlocks application 6.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-7309
The Where2Stop-Cardlocks-Free aka appinventor.aikidatheart99.Where2StopCardlocks application 6.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-7309
The CVE-2014-7309 entry documents a vulnerability in the Where2Stop-Cardlocks-Free app (aka appinventor.ai_kidatheart99.Where2Stop_Cardlocks), version 6.1 for Android, where the application does not verify X.509 certificates from SSL servers. This weakens TLS and allows man-in-the-middle attacker...