CVE-2016-2415

Published: Apr 18, 2016

Modified: Aug 5, 2024

PUBLISHED

Description

exchange/eas/EasAutoDiscover.java in the Autodiscover implementation in Exchange ActiveSync in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows attackers to obtain sensitive information via a crafted application that triggers a spoofed response to a GET request, aka internal bug 26488455.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://source.android.com/security/bulletin/2016-04-02.html

x_refsource_CONFIRM

https://android.googlesource.com/platform/packages/apps/Exchange/+/0d1a38b1755efe7ed4e8d7302a24186616bba9b2

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2016-2415

Description

Affected Products

References