CVE

CVE-2016-2461 (android)

admin

CVE-2016-2461 (android)

OpenSSLCipher.java in Conscrypt in Android 6.x before 2016-05-01 mishandles resets of the Additional Authenticated Data (AAD) array, which allows attackers to spoof message authentication via unspecified vectors, aka internal bugs 27324690 and 27696681.

Source: CVE-2016-2461 (android)

Exit mobile version