1 results (0.005 seconds)
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2014-5570
https://notcve.org/view.php?id=CVE-2014-5570
09 Sep 2014 — The DailyFinance - Stocks & News (aka com.aol.mobile.dailyFinance) application 2.0.2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. La aplicación DailyFinance - Stocks & News (también conocido como com.aol.mobile.dailyFinance) 2.0.2.1 para Android no verifica los certificados X.509 de los servidores SSL, lo que permite a atacantes man-in-the-middle falsificar servidores y... • http://www.kb.cert.org/vuls/id/582497 • CWE-310: Cryptographic Issues •