Google Android Browser Unspecified Arbitrary Site Stored Credential Remote Disclosure
Mobile Phone / Hand-held Device
Loss of Confidentiality
Google Android contains a flaw in the default browser that may lead to unauthorized disclosure of sensitive information. This issue is due to the insecure handling of the login form. With a specially crafted website or when connecting to a malformed WiFi access point and subsequently viewing a webpage that requires login credentials, a context-dependent attacker can gain access to stored credential information for websites.
OSVDB is not currently aware of a solution for this vulnerability.