CVE-2014-7086
The CVE-2014-7086 entry concerns the Android app Killer Screen lock (com.cc.theme.shashou) version 0.5, where the SSL/TLS client does not verify X.509 certificates. This root cause enables MITM attackers to spoof servers and obtain sensitive information via a crafted certificate. The vulnerabilit...