Google Android Bouncy Castle CVE-2015-6644 Information Disclosure Vulnerability

Google Android is prone to an information-disclosure vulnerability.

An attacker can exploit this issue to obtain potentially sensitive information. Information obtained may aid in further attacks.

Information

Bugtraq ID: 79865
Class: Configuration Error
CVE: CVE-2015-6644

Remote: Yes
Local: No
Published: Jan 04 2016 12:00AM
Updated: Apr 13 2017 11:04AM
Credit: Quan Nguyen of Google Information Security Engineer Team
Vulnerable: Google Android 6.0.1
Google Android 5.1.1 Build LMY48Z
Google Android 5.1.1 Build LMY48X
Google Android 5.1.1 Build LMY48W
Google Android 5.1.1 Build LMY48T
Google Android 5.1.1 Build LMY48M
Google Android 5.1.1
Google Android 5.0.2
Google Android 5.0.1
Google Android 4.4.4
Google Android 6.0
Google Android 5.1.1_r9
Google Android 5.1.1_r5
Google Android 5.1
Google Android 5.0
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64

Not Vulnerable: Google Android 5.1.1 Build LMY49F

References:

• Android Homepage (Google)
  
• Nexus Security Bulletin - January 2016 (Google)
  

Source: www.securityfocus.com