What i meant was based on the email subject header being "Android Default Email App Password Disclosure". It looked like this specific issue is what OP might have observed. So placed the link just informing that the issue is already known.
Anant Shrivastava Web : http://anantshri.info On Thu, Sep 4, 2014 at 7:39 PM, Dominik Schuermann < [email protected]> wrote: > You hope? > If your "vulnerability" is stored plaintext passwords, there is not much > you can do besides implementing SCRAM-SHA1 authentication on client and > server or some OAuth derivate. > > Regards > Dominik > > On 09/04/2014 03:53 PM, Anant Shrivastava wrote: > > I hope its not this specfic issue : > > > > https://code.google.com/p/android/issues/detail?id=10809 > > > > > > > > Anant Shrivastava > > Web : http://anantshri.info > > > > > > On Thu, Sep 4, 2014 at 7:02 PM, Dominik Schuermann < > > [email protected]> wrote: > > > >> Mail to [email protected] > >> > >> On 09/04/2014 01:36 PM, Zawad wrote: > >>> Hello there, > >>> I have recently found a vulnerability in Android's default Email App > >> (4.2.2 > >>> Jellybean). I don't it if it is updated. But I want to notify the > android > >>> security team about it. But can you please tell me the way? > >>> I don't want to post it here as it will not be a good idea because > >> everyone > >>> can read it. So, please show me the way to report the vulnerability > >>> directly to Android Security team for a better and more secure Android > >>> Email App > >>> > >>> Thankyou! > >>> > >> > >> > > > > -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/android-security-discuss. For more options, visit https://groups.google.com/d/optout.
