Date published: 2014-02-26T20:55:04.243-05:00
Date last modified: 2014-02-27T13:58:12.380-05:00
CVSS Score: 5.8
Principal attack vector: NETWORK
Reference URL: http://jvn.jp/en/jp/JVN48810179/index.html
Summary: The Denny’s application before 2.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.