CVE-2016-2461 in Androidinformation

Résumé

par MITRE

OpenSSLCipher.java in Conscrypt in Android 6.x before 2016-05-01 mishandles resets of the Additional Authenticated Data (AAD) array, which allows attackers to spoof message authentication via unspecified vectors, aka internal bugs 27324690 and 27696681.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Réserver

18/02/2016

Divulgation

09/05/2016

Modérer

accepté

Entrée

VDB-83120

CPE

prêt

EPSS

0.00455

KEV

non

Activités

très faible

Sources

Do you want to use VulDB in your project?

Use the official API to access entries easily!