Fortify Android checks


I'm curious about what vulnerabilities the Fortify rulesets look for in Android applications. Unfortunately I'm unable to find any documentation on the same. I know that they look around for Java specific vulns along with Permission checks for Components -- anything else? SQL injection checks? Intent checks?


Solution

  • Besides all the regular Java rules, there are Android specific rules for the following categories:

    Code Quality:
    Android Bad Practices - Use of Released Camera
    Android Bad Practices - Use of Released SQLite Resource
    Android Bad Practices - Use of Released Media Resource
    Unreleased Resource - Android Media

    Encapsulation:
    Insecure Storage - Android External Storage
    System Information Leak

    Input Validation and Representation:
    Command Injection
    Cross-Site Scripting - Persistent
    Cross-Site Scripting - Poor Validation
    Cross-Site Scripting - Reflected
    Header Manipulation - Cookies
    Log Forging
    Path Manipulation
    Query String Injection - Android Provider
    Resource Injection
    SQL Injection

    Security Features:
    Access Control - Android Provider
    Access Control - Database
    Android Bad Practices - Missing Broadcaster Permission
    Android Bad Practices - Missing Receiver Permission
    Android Bad Practices - Sticky Broadcast
    Password Management
    Password Management - Empty Password
    Password Management - Hardcoded Password
    Password Management - Null Password
    Password Management - Weak Cryptography
    Privacy Violation
    Privilege Management - Android Location
    Privilege Management - Android Messaging
    Privilege Management - Android Telephony
    Privilege Management - Missing API Permission
    Privilege Management - Missing Content Provider Permission
    Privilege Management - Missing Intent Permission
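To make the "SQL Injection" and "Query String Injection - Android Provider" categories in the list above concrete, here is an added illustration; it is not part of the original answer and is not Fortify's own rule logic or test code. The class, table and column names (`NoteStore`, `notes`, `title`, `owner`, `body`) are made up for the example. The first method shows the concatenation pattern those rules report when the value comes from outside the app (an Intent extra or a provider's `selection` string); the other two show the bound-parameter form that keeps data out of the SQL text.

```java
// Added example, not from the original answer or from Fortify.
// Demonstrates the pattern behind Fortify's "SQL Injection" /
// "Query String Injection - Android Provider" findings and the
// parameterized form that avoids them. Table and column names are assumed.
import android.database.Cursor;
import android.database.sqlite.SQLiteDatabase;

public class NoteStore {
    private final SQLiteDatabase db;

    public NoteStore(SQLiteDatabase db) {
        this.db = db;
    }

    // Reported by the scanner: `title` is attacker-controllable (e.g. taken
    // from an Intent extra or a ContentProvider selection) and is spliced
    // straight into the SQL text, so a value containing a quote changes the
    // statement instead of matching a row.
    public Cursor findByTitleVulnerable(String title) {
        String sql = "SELECT _id, body FROM notes WHERE title = '" + title + "'";
        return db.rawQuery(sql, null);
    }

    // Not reported: the value is passed as a bound argument. SQLite treats it
    // as data only, whatever characters it contains.
    public Cursor findByTitle(String title) {
        return db.rawQuery("SELECT _id, body FROM notes WHERE title = ?",
                           new String[] { title });
    }

    // Same rule through the query() API: `selection` is a fixed template and
    // `selectionArgs` carries the data. A ContentProvider.query() override
    // should forward its incoming selectionArgs the same way rather than
    // building a new WHERE clause from the caller's strings.
    public Cursor findByOwner(String owner) {
        return db.query("notes",
                        new String[] { "_id", "body" },
                        "owner = ?",
                        new String[] { owner },
                        null,   // groupBy
                        null,   // having
                        "title ASC");
    }
}
```

The two safe methods are what a reviewer would expect to see after a Fortify SQL Injection finding on Android code is resolved: the SQL string is a constant, and every externally supplied value reaches the database only through `selectionArgs`.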