[CNNVD]Open Handset Alliance Android 远程DNS缓存投毒漏洞--Android是Google通过Open Handset Alliance发起的项目，用于为移动设备提供完整的软件集，包括操作系统、中间件等。
Open Handset Alliance Android中存在远程DNS缓存投毒漏洞。攻击者可利用该漏洞从合法网站转移数据到攻击者指定的站点，成功的利用将...
Android contains a flaw that is during the handling of a specially crafted application. This may allow a local attacker to bypass a secure virtual private network (VPN) connection and redirect potentially sensitive cleartext information to a location they control.
Google Android contains a flaw in the PreferenceActivity class that leads to unauthorized privileges being gained. The issue is due to the :android:show_fragment intent extra allowing for arbitrary classes to be loaded. This may allow a local attacker to use a specially crafted application to load arbitrary classes and gain elevated privileges.
Code Aurora Android for MSM contains an uninitialized variable flaw in the genlock_dev_ioctl() function in drivers/base/genlock.c. The issue is triggered as all members of a structure are not properly initialized before being copied to user space. This may allow a local attacker to gain access to potentially sensitive kernel memory.
Android contains a flaw related to improper initialization of the underlying OpenSSL PRNG that is triggered when an application e.g. uses the Java Cryptography Architecture (JCA) for key generation, signing, or random number generation. This may result in non-cryptographically strong values being generated, which could allow attackers to have various impacts depending on the affected application (e.g. compromise a user's Bitcoin wallet).