Google Android Arbitrary Application Browser Saved Password Disclosure
Mobile Phone / Hand-held Device
Loss of Confidentiality
Google Android contains a flaw in the default browser that may lead to unauthorized disclosure of sensitive information to a remote attacker. The issue is due to the system allowing any application to access stored passwords and potentially cookies within the default browser.
It has been reported that this issue has been fixed. Upgrade to version Jelly Bean (4.2) or higher, to address this vulnerability.