Vulnerabilities > Candy Girl Party Makeover Project > Candy Girl Party Makeover > 1.0.0.0

DATE	CVE	VULNERABILITY TITLE	RISK
2014-09-24	CVE-2014-6696	Cryptographic Issues vulnerability in Candy Girl Party Makeover Project Candy Girl Party Makeover 1.0.0.0 The Candy Girl Party Makeover (aka com.bearhugmedia.android_candygirlparty) application 1.0.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. candy-girl-party-makeover-project CWE-310	5.4

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.