CVE-2014-5976

Published: Sep 20, 2014
Updated: Apr 13, 2023
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2014-5976" target="_blank" rel="noopener"> CVE-2014-5976
Severity: Medium
Exploit:

The alibaba (aka com.alibaba.wireless) application 4.1.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.