EUVD-2013-7142

Malware in sbrugna...

SecureRandom vulnerability details（CVE-2 0 1 3-7 3 7 2-the vulnerability warning-the black bar safety net

0×0 0 vulnerability overview Android 4.4 previous versions of the Java cryptographic architectureJCAusing Apache Harmony 6. 0M3 and the previous version of the SecureRandom implementation there is a security vulnerability, specifically located in the...

CVE-2013-7372

The engineNextBytes function in classlib/modules/security/src/main/java/common/org/apache/harmony/security/provider/crypto/SHA1PRNGSecureRandomImpl.java in the SecureRandom implementation in Apache Harmony through 6.0M3, as used in the Java Cryptography Architecture JCA in Android before 4.4 and...

Design/Logic Flaw

The engineNextBytes function in classlib/modules/security/src/main/java/common/org/apache/harmony/security/provider/crypto/SHA1PRNGSecureRandomImpl.java in the SecureRandom implementation in Apache Harmony through 6.0M3, as used in the Java Cryptography Architecture JCA in Android before 4.4 and...

CVE-2013-7372

The engineNextBytes function in classlib/modules/security/src/main/java/common/org/apache/harmony/security/provider/crypto/SHA1PRNGSecureRandomImpl.java in the SecureRandom implementation in Apache Harmony through 6.0M3, as used in the Java Cryptography Architecture JCA in Android before 4.4 and...

CVE-2013-7372

CVE-2013-7372 affects the SecureRandom implementation in Apache Harmony (SHA1PRNG_SecureRandomImpl) used by JCA in Android up to version 4.3/4.4 boundaries. The engineNextBytes function uses an incorrect offset when no user seed is provided, making the PRNG output more predictable and enabling at...

VulnCheck KEV: CVE-2013-7372

The engineNextBytes function in classlib/modules/security/src/main/java/common/org/apache/harmony/security/provider/crypto/SHA1PRNGSecureRandomImpl.java in the SecureRandom implementation in Apache Harmony through 6.0M3, as used in the Java Cryptography Architecture JCA in Android before 4.4...