CVE-2014-5767
The CVE-2014-5767 entry concerns the Android app IM+ (de.shapeservices.impluslite) version 6.6.2, where SSL/TLS connections do not verify X.509 certificates. Root cause: the app fails to validate server certificates, allowing a man-in-the-middle attacker to spoof servers and recover sensitive dat...