Oh sry, I thought you were the OP. Should have looked more closely. Regards Dominik
On 09/04/2014 04:16 PM, Anant Shrivastava wrote: > What i meant was based on the email subject header being "Android Default > Email App Password Disclosure". It looked like this specific issue is what > OP might have observed. So placed the link just informing that the issue is > already known. > > > Anant Shrivastava > Web : http://anantshri.info > > > On Thu, Sep 4, 2014 at 7:39 PM, Dominik Schuermann < > [email protected]> wrote: > >> You hope? >> If your "vulnerability" is stored plaintext passwords, there is not much >> you can do besides implementing SCRAM-SHA1 authentication on client and >> server or some OAuth derivate. >> >> Regards >> Dominik >> >> On 09/04/2014 03:53 PM, Anant Shrivastava wrote: >>> I hope its not this specfic issue : >>> >>> https://code.google.com/p/android/issues/detail?id=10809 >>> >>> >>> >>> Anant Shrivastava >>> Web : http://anantshri.info >>> >>> >>> On Thu, Sep 4, 2014 at 7:02 PM, Dominik Schuermann < >>> [email protected]> wrote: >>> >>>> Mail to [email protected] >>>> >>>> On 09/04/2014 01:36 PM, Zawad wrote: >>>>> Hello there, >>>>> I have recently found a vulnerability in Android's default Email App >>>> (4.2.2 >>>>> Jellybean). I don't it if it is updated. But I want to notify the >> android >>>>> security team about it. But can you please tell me the way? >>>>> I don't want to post it here as it will not be a good idea because >>>> everyone >>>>> can read it. So, please show me the way to report the vulnerability >>>>> directly to Android Security team for a better and more secure Android >>>>> Email App >>>>> >>>>> Thankyou! >>>>> >>>> >>>> >>> >> >> >
signature.asc
Description: OpenPGP digital signature
