The Bank of America application 2.12 for Android stores a security question's answer in cleartext, which might allow physically proximate attackers to obtain sensitive information by reading application data.Referenceshttp://viaforensics.com/appwatchdog/bank-of-america-android.htmlhttp://news.cnet.com/8301-27080_3-20021874-245.htmlhttp://online.wsj.com/article/SB10001424052748703805704575594581203248658.html
