SecureRandom vulnerability details（CVE-2 0 1 3-7 3 7 2-the vulnerability warning-the black bar safety net

0×0 0 vulnerability overview Android 4.4 previous versions of the Java cryptographic architectureJCAusing Apache Harmony 6. 0M3 and the previous version of the SecureRandom implementation there is a security vulnerability, specifically located in the...

Design/Logic Flaw

The engineNextBytes function in classlib/modules/security/src/main/java/common/org/apache/harmony/security/provider/crypto/SHA1PRNGSecureRandomImpl.java in the SecureRandom implementation in Apache Harmony through 6.0M3, as used in the Java Cryptography Architecture JCA in Android before 4.4 and...