Android KeyStore Stack Buffer Overflow (CVE-2014-3100)

[Roee Hay <roeeh () il ibm com>]

Hi,

We have discovered a stack-based buffer overflow in the Android
KeyStore service which affects Android 4.3 and below. The issue was
patched in Android 4.4.

The vulnerability is identified as CVE-2014-3100.

More details are available at:

1. Blog post: http://ibm.co/1pbk4yH
2. Advisory: http://slidesha.re/1nxBnmY

-Roee

_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/