2 matches found
Information disclosure
The wTrootrooTvIzle aka com.wTrootrooTvIzle application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-6654
The CVE-2014-6654 entry concerns the Android app wTrootrooTvIzle (com.wTrootrooTvIzle) version 0.1. The issue is that the app does not verify X.509 certificates from SSL servers, enabling MITM attackers to spoof servers and access sensitive information via a crafted certificate. The nvd entry pro...