Android contains a flaw that is during the handling of a specially crafted application. This may allow a local attacker to bypass a secure virtual private network (VPN) connection and redirect potentially sensitive cleartext information to a location they control.
Google Android contains a flaw in the default browser that may lead to unauthorized disclosure of sensitive information. This issue is due to the insecure handling of the login form. With a specially crafted website or when connecting to a malformed WiFi access point and subsequently viewing a webpage that requires login credentials, a context-dependent attacker can gain access to stored credential information for websites.
Google Android contains a flaw in the default browser that may lead to unauthorized disclosure of sensitive information to a remote attacker. The issue is due to the system allowing any application to access stored passwords and potentially cookies within the default browser.
Android 2.2 (codenamed 'Froyo') contains over 80 high-risk flaws that may allow an attacker to take control of an Android device. No further details have been provided.