A Vulnerability in Android Resolver has been identified by researchers Roee hay & Roi Saltzman from IBM Application Security Research group by the vulnerability a weakness is identified in its pseudo- random number generator (PRNG) which makes DNS poisoning attacks
feasible and it has been named as (CVE-2012-2808)
A complete Official Advisory is available here
What is the Affect of this attack?
Which version is vulnerable?
Up to 4.0.4
How it has been fixed?
The random sample is now taken from /dev/urandom which should have enough entropy when the call is made.
All of the Information from here