All the vulnerabilites related to LY Corporation - LINE
jvndb-2018-000063
Vulnerability from jvndb
Published
2018-06-12 14:44
Modified
2018-06-12 14:44
Severity ?
Summary
LINE for Windows may insecurely load Dynamic Link Libraries
Details
LINE for Windows provided by LINE Corporation specifies the path to read DLL when launching software.
If a user launches LINE for Windows by clicking the specially crafted link prepared by a remote attacker, it may result in insecurely loading Dynamic Link Libraries (CWE-427).
LINE Corporation reported this vulnerability to JPCERT/CC to notify users of respective solutions through JVN.
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| LY Corporation | LINE |
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2018/JVNDB-2018-000063.html",
"dc:date": "2018-06-12T14:44+09:00",
"dcterms:issued": "2018-06-12T14:44+09:00",
"dcterms:modified": "2018-06-12T14:44+09:00",
"description": "LINE for Windows provided by LINE Corporation specifies the path to read DLL when launching software.\r\n If a user launches LINE for Windows by clicking the specially crafted link prepared by a remote attacker, it may result in insecurely loading Dynamic Link Libraries (CWE-427).\r\n\r\nLINE Corporation reported this vulnerability to JPCERT/CC to notify users of respective solutions through JVN.",
"link": "https://jvndb.jvn.jp/en/contents/2018/JVNDB-2018-000063.html",
"sec:cpe": {
"#text": "cpe:/a:linecorp:line",
"@product": "LINE",
"@vendor": "LY Corporation",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "6.8",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
{
"@score": "7.8",
"@severity": "High",
"@type": "Base",
"@vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2018-000063",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN92265618/index.html",
"@id": "JVN#92265618",
"@source": "JVN"
},
{
"#text": "https://jvn.jp/en/ta/JVNTA91240916/",
"@id": "JVNTA#91240916",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0609",
"@id": "CVE-2018-0609",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2018-0609",
"@id": "CVE-2018-0609",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "LINE for Windows may insecurely load Dynamic Link Libraries"
}
jvndb-2016-000123
Vulnerability from jvndb
Published
2016-07-08 14:29
Modified
2016-08-19 17:44
Severity ?
Summary
LINE for Windows may insecurely load Dynamic Link Libraries
Details
LINE for Windows provided by LINE Corporation contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries.
Takashi Yoshikawa of Mitsui Bussan Secure Directions reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| LY Corporation | LINE |
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000123.html",
"dc:date": "2016-08-19T17:44+09:00",
"dcterms:issued": "2016-07-08T14:29+09:00",
"dcterms:modified": "2016-08-19T17:44+09:00",
"description": "LINE for Windows provided by LINE Corporation contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries.\r\n\r\nTakashi Yoshikawa of Mitsui Bussan Secure Directions reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000123.html",
"sec:cpe": {
"#text": "cpe:/a:linecorp:line",
"@product": "LINE",
"@vendor": "LY Corporation",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "6.8",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
{
"@score": "7.8",
"@severity": "High",
"@type": "Base",
"@vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2016-000123",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN51565015/index.html",
"@id": "JVN#51565015",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4831",
"@id": "CVE-2016-4831",
"@source": "CVE"
},
{
"#text": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4831",
"@id": "CVE-2016-4831",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "LINE for Windows may insecurely load Dynamic Link Libraries"
}
jvndb-2024-003699
Vulnerability from jvndb
Published
2024-06-24 11:05
Modified
2024-06-24 11:05
Severity ?
Summary
LINE client for iOS vulnerable to universal cross-site scripting
Details
The in-app browser of LINE client for iOS provided by LY Corporation contains a universal cross-site scripting vulnerability (CWE-79, CVE-2024-5739).
LY Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.
References
| ▼ | Type | URL |
|---|---|---|
| JVN | https://jvn.jp/en/vu/JVNVU91384468/index.html | |
| CVE | https://www.cve.org/CVERecord?id=CVE-2024-5739 | |
| Cross-site Scripting(CWE-79) | https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| LY Corporation | LINE |
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-003699.html",
"dc:date": "2024-06-24T11:05+09:00",
"dcterms:issued": "2024-06-24T11:05+09:00",
"dcterms:modified": "2024-06-24T11:05+09:00",
"description": "The in-app browser of LINE client for iOS provided by LY Corporation contains a universal cross-site scripting vulnerability (CWE-79, CVE-2024-5739).\r\n\r\nLY Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.",
"link": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-003699.html",
"sec:cpe": {
"#text": "cpe:/a:linecorp:line",
"@product": "LINE",
"@vendor": "LY Corporation",
"@version": "2.2"
},
"sec:cvss": {
"@score": "6.1",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"@version": "3.0"
},
"sec:identifier": "JVNDB-2024-003699",
"sec:references": [
{
"#text": "https://jvn.jp/en/vu/JVNVU91384468/index.html",
"@id": "JVNVU#91384468",
"@source": "JVN"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2024-5739",
"@id": "CVE-2024-5739",
"@source": "CVE"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-79",
"@title": "Cross-site Scripting(CWE-79)"
}
],
"title": "LINE client for iOS vulnerable to universal cross-site scripting"
}
jvndb-2019-000060
Vulnerability from jvndb
Published
2019-09-19 17:59
Modified
2019-10-18 15:17
Severity ?
Summary
Multiple integer overflow vulnerabilities in LINE(Android)
Details
LINE(Android) provided by LINE Corporation contains multiple integer overflow vulnerabilities (CWE-190) listed below.
* Integer overflow vulnerability in processing images using apng-drawable - CVE-2019-6007
* Integer overflow vulnerability in processing images - CVE-2019-6010
LINE Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and LINE Corporation coordinated under the Information Security Early Warning Partnership.
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| LY Corporation | LINE |
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2019/JVNDB-2019-000060.html",
"dc:date": "2019-10-18T15:17+09:00",
"dcterms:issued": "2019-09-19T17:59+09:00",
"dcterms:modified": "2019-10-18T15:17+09:00",
"description": "LINE(Android) provided by LINE Corporation contains multiple integer overflow vulnerabilities (CWE-190) listed below.\r\n* Integer overflow vulnerability in processing images using apng-drawable - CVE-2019-6007 \r\n* Integer overflow vulnerability in processing images - CVE-2019-6010\r\n\r\nLINE Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and LINE Corporation coordinated under the Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2019/JVNDB-2019-000060.html",
"sec:cpe": {
"#text": "cpe:/a:linecorp:line",
"@product": "LINE",
"@vendor": "LY Corporation",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "6.8",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
{
"@score": "6.3",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2019-000060",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN97845465/index.html",
"@id": "JVN#97845465",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6007",
"@id": "CVE-2019-6007",
"@source": "CVE"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6010",
"@id": "CVE-2019-6010",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2019-6007",
"@id": "CVE-2019-6007",
"@source": "NVD"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2019-6010",
"@id": "CVE-2019-6010",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-189",
"@title": "Numeric Errors(CWE-189)"
}
],
"title": "Multiple integer overflow vulnerabilities in LINE(Android)"
}
jvndb-2016-000153
Vulnerability from jvndb
Published
2016-08-25 14:26
Modified
2017-05-23 14:28
Severity ?
Summary
LINE for Windows fails to properly verify downloaded files
Details
The auto update function in LINE for Windows provided by LINE Corporation contains a vulnerability where downloaded files are not properly verified.
LINE Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and LINE Corporation coordinated under the Information Security Early Warning Partnership.
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| LY Corporation | LINE |
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000153.html",
"dc:date": "2017-05-23T14:28+09:00",
"dcterms:issued": "2016-08-25T14:26+09:00",
"dcterms:modified": "2017-05-23T14:28+09:00",
"description": "The auto update function in LINE for Windows provided by LINE Corporation contains a vulnerability where downloaded files are not properly verified.\r\n\r\nLINE Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and LINE Corporation coordinated under the Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000153.html",
"sec:cpe": {
"#text": "cpe:/a:linecorp:line",
"@product": "LINE",
"@vendor": "LY Corporation",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "5.1",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
{
"@score": "8.1",
"@severity": "High",
"@type": "Base",
"@vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2016-000153",
"sec:references": [
{
"#text": "https://jvn.jp/en/jp/JVN05924524/index.html",
"@id": "JVN#05924524",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4850",
"@id": "CVE-2016-4850",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2016-4850",
"@id": "CVE-2016-4850",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-noinfo",
"@title": "No Mapping(CWE-noinfo)"
}
],
"title": "LINE for Windows fails to properly verify downloaded files"
}
jvndb-2023-014491
Vulnerability from jvndb
Published
2024-04-22 15:27
Modified
2024-04-22 15:27
Severity ?
Summary
LINE client for iOS vulnerable to improper server certificate verification
Details
The financial module within LINE client for iOS lacks server certificate verification in log transmission (CWE-295, CVE-2023-5554).
LINE Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.
References
| ▼ | Type | URL |
|---|---|---|
| JVN | https://jvn.jp/en/vu/JVNVU91696361/index.html | |
| CVE | https://www.cve.org/CVERecord?id=CVE-2023-5554 | |
| NVD | https://nvd.nist.gov/vuln/detail/CVE-2023-5554 | |
| Improper Certificate Validation(CWE-295) | https://cwe.mitre.org/data/definitions/295.html |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| LY Corporation | LINE |
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-014491.html",
"dc:date": "2024-04-22T15:27+09:00",
"dcterms:issued": "2024-04-22T15:27+09:00",
"dcterms:modified": "2024-04-22T15:27+09:00",
"description": "The financial module within LINE client for iOS lacks server certificate verification in log transmission (CWE-295, CVE-2023-5554).\r\n\r\nLINE Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.",
"link": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-014491.html",
"sec:cpe": {
"#text": "cpe:/a:linecorp:line",
"@product": "LINE",
"@vendor": "LY Corporation",
"@version": "2.2"
},
"sec:cvss": {
"@score": "4.8",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"@version": "3.0"
},
"sec:identifier": "JVNDB-2023-014491",
"sec:references": [
{
"#text": "https://jvn.jp/en/vu/JVNVU91696361/index.html",
"@id": "JVNVU#91696361",
"@source": "JVN"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2023-5554",
"@id": "CVE-2023-5554",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-5554",
"@id": "CVE-2023-5554",
"@source": "NVD"
},
{
"#text": "https://cwe.mitre.org/data/definitions/295.html",
"@id": "CWE-295",
"@title": "Improper Certificate Validation(CWE-295)"
}
],
"title": "LINE client for iOS vulnerable to improper server certificate verification"
}
jvndb-2018-000016
Vulnerability from jvndb
Published
2018-02-22 15:29
Modified
2018-06-14 12:23
Severity ?
Summary
LINE for iOS fails to verify SSL server certificates
Details
LINE for iOS provided by LINE Corporation fails to verify SSL server certificates due to the vulnerability existed in the Third Party SDK which is incorporated in the application.
LINE Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and LINE Corporation coordinated under the Information Security Early Warning Partnership.
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| LY Corporation | LINE |
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2018/JVNDB-2018-000016.html",
"dc:date": "2018-06-14T12:23+09:00",
"dcterms:issued": "2018-02-22T15:29+09:00",
"dcterms:modified": "2018-06-14T12:23+09:00",
"description": "LINE for iOS provided by LINE Corporation fails to verify SSL server certificates due to the vulnerability existed in the Third Party SDK which is incorporated in the application.\r\n\r\nLINE Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and LINE Corporation coordinated under the Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2018/JVNDB-2018-000016.html",
"sec:cpe": {
"#text": "cpe:/a:linecorp:line",
"@product": "LINE",
"@vendor": "LY Corporation",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "4.0",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"@version": "2.0"
},
{
"@score": "4.8",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2018-000016",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN75453852/index.html",
"@id": "JVN#75453852",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0518",
"@id": "CVE-2018-0518",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2018-0518",
"@id": "CVE-2018-0518",
"@source": "NVD"
}
],
"title": "LINE for iOS fails to verify SSL server certificates"
}
jvndb-2015-000040
Vulnerability from jvndb
Published
2015-03-20 16:16
Modified
2024-05-09 18:15
Summary
LINE vulnerable to script injection
Details
LINE provided by LINE Corporation is an application used to communicate with others. LINE is vulnerable to MITM (man-in-the-middle) attacks since the application allows non-SSL/TLS communications. As a result, any API may be invoked from a script injected by a MITM (man-in-the-middle) attacker.
Kenta Suefusa, Nobuaki Nakazawa and Tomonori Shiomi of Sprout Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
| ▼ | Type | URL |
|---|---|---|
| JVN | http://jvn.jp/en/jp/JVN41281927/index.html | |
| CVE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0897 | |
| NVD | https://nvd.nist.gov/vuln/detail/CVE-2015-0897 | |
| No Mapping(CWE-DesignError) | https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| LY Corporation | LINE |
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000040.html",
"dc:date": "2024-05-09T18:15+09:00",
"dcterms:issued": "2015-03-20T16:16+09:00",
"dcterms:modified": "2024-05-09T18:15+09:00",
"description": "LINE provided by LINE Corporation is an application used to communicate with others. LINE is vulnerable to MITM (man-in-the-middle) attacks since the application allows non-SSL/TLS communications. As a result, any API may be invoked from a script injected by a MITM (man-in-the-middle) attacker.\r\n\r\nKenta Suefusa, Nobuaki Nakazawa and Tomonori Shiomi of Sprout Inc. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000040.html",
"sec:cpe": {
"#text": "cpe:/a:linecorp:line",
"@product": "LINE",
"@vendor": "LY Corporation",
"@version": "2.2"
},
"sec:cvss": {
"@score": "5.1",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2015-000040",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN41281927/index.html",
"@id": "JVN#41281927",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0897",
"@id": "CVE-2015-0897",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2015-0897",
"@id": "CVE-2015-0897",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-DesignError",
"@title": "No Mapping(CWE-DesignError)"
}
],
"title": "LINE vulnerable to script injection"
}
jvndb-2016-000029
Vulnerability from jvndb
Published
2016-02-19 14:43
Modified
2016-03-10 17:39
Severity ?
Summary
LINE for Windows and LINE for Mac OS vulnerable to denial-of-service (DoS)
Details
LINE for Windows and LINE for Mac OS contain a denial-of-service (DoS) vulnerability due to an issue in displaying the Timeline.
Jun Kokatsu of KDDI Singapore Dubai Branch reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| LY Corporation | LINE |
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000029.html",
"dc:date": "2016-03-10T17:39+09:00",
"dcterms:issued": "2016-02-19T14:43+09:00",
"dcterms:modified": "2016-03-10T17:39+09:00",
"description": "LINE for Windows and LINE for Mac OS contain a denial-of-service (DoS) vulnerability due to an issue in displaying the Timeline.\r\n\r\nJun Kokatsu of KDDI Singapore Dubai Branch reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000029.html",
"sec:cpe": {
"#text": "cpe:/a:linecorp:line",
"@product": "LINE",
"@vendor": "LY Corporation",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "4.0",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"@version": "2.0"
},
{
"@score": "3.5",
"@severity": "Low",
"@type": "Base",
"@vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2016-000029",
"sec:references": [
{
"#text": "https://jvn.jp/en/jp/JVN46044093/index.html",
"@id": "JVN#46044093",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1156",
"@id": "CVE-2016-1156",
"@source": "CVE"
},
{
"#text": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1156",
"@id": "CVE-2016-1156",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-noinfo",
"@title": "No Mapping(CWE-noinfo)"
}
],
"title": "LINE for Windows and LINE for Mac OS vulnerable to denial-of-service (DoS)"
}