Search criteria
5 vulnerabilities found for line by line
VAR-201602-0156
Vulnerability from variot - Updated: 2023-12-18 13:29LINE 4.3.0.724 and earlier on Windows and 4.3.1 and earlier on OS X allows remote authenticated users to cause a denial of service (application crash) via a crafted post that is mishandled when displaying a Timeline. LINE for Windows and LINE for Mac OS contain a denial-of-service (DoS) vulnerability due to an issue in displaying the Timeline. Jun Kokatsu of KDDI Singapore Dubai Branch reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.By displaying a specially crafted post in Timeline, the product may be abnormally terminated. NHN PlayArt LINE is a set of instant chat software developed by Japan NHN PlayArt Company. The software supports free calls, sending text messages and more
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201602-0156",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "line",
"scope": "lte",
"trust": 1.0,
"vendor": "linecorp",
"version": "4.3.0.724"
},
{
"model": "line",
"scope": "lte",
"trust": 1.0,
"vendor": "linecorp",
"version": "4.3.1"
},
{
"model": "line",
"scope": "lte",
"trust": 0.8,
"vendor": "line",
"version": "for mac os 4.3.1"
},
{
"model": "line",
"scope": "lte",
"trust": 0.8,
"vendor": "line",
"version": "for windows 4.3.0.724"
},
{
"model": "mac os x",
"scope": null,
"trust": 0.6,
"vendor": "apple",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-000029"
},
{
"db": "NVD",
"id": "CVE-2016-1156"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-389"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:linecorp:line:*:*:*:*:*:macos:*:*",
"cpe_name": [],
"versionEndIncluding": "4.3.1",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:linecorp:line:*:*:*:*:*:windows:*:*",
"cpe_name": [],
"versionEndIncluding": "4.3.0.724",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-1156"
}
]
},
"cve": "CVE-2016-1156",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "IPA",
"availabilityImpact": "Partial",
"baseScore": 4.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2016-000029",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "VHN-89975",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:S/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.1,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "IPA",
"availabilityImpact": "Low",
"baseScore": 3.5,
"baseSeverity": "Low",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2016-000029",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-1156",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "IPA",
"id": "JVNDB-2016-000029",
"trust": 0.8,
"value": "Low"
},
{
"author": "CNNVD",
"id": "CNNVD-201602-389",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-89975",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-89975"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-000029"
},
{
"db": "NVD",
"id": "CVE-2016-1156"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-389"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "LINE 4.3.0.724 and earlier on Windows and 4.3.1 and earlier on OS X allows remote authenticated users to cause a denial of service (application crash) via a crafted post that is mishandled when displaying a Timeline. LINE for Windows and LINE for Mac OS contain a denial-of-service (DoS) vulnerability due to an issue in displaying the Timeline. Jun Kokatsu of KDDI Singapore Dubai Branch reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.By displaying a specially crafted post in Timeline, the product may be abnormally terminated. NHN PlayArt LINE is a set of instant chat software developed by Japan NHN PlayArt Company. The software supports free calls, sending text messages and more",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-1156"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-000029"
},
{
"db": "VULHUB",
"id": "VHN-89975"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-1156",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2016-000029",
"trust": 2.5
},
{
"db": "JVN",
"id": "JVN46044093",
"trust": 2.5
},
{
"db": "CNNVD",
"id": "CNNVD-201602-389",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-89975",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-89975"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-000029"
},
{
"db": "NVD",
"id": "CVE-2016-1156"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-389"
}
]
},
"id": "VAR-201602-0156",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-89975"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:29:33.623000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "[Security Notice] Fixed Vulnerability in LINE for PC (Windows/Mac OS)",
"trust": 0.8,
"url": "http://linecorp.com/ja/security/article/53"
},
{
"title": "NHN PlayArt LINE Remediation measures for denial of service vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=60286"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-000029"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-389"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-89975"
},
{
"db": "NVD",
"id": "CVE-2016-1156"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://jvn.jp/en/jp/jvn46044093/index.html"
},
{
"trust": 1.7,
"url": "http://linecorp.com/ja/security/article/53"
},
{
"trust": 1.7,
"url": "http://jvndb.jvn.jp/jvndb/jvndb-2016-000029"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1156"
},
{
"trust": 0.8,
"url": "https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1156"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-89975"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-000029"
},
{
"db": "NVD",
"id": "CVE-2016-1156"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-389"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-89975"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-000029"
},
{
"db": "NVD",
"id": "CVE-2016-1156"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-389"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-02-19T00:00:00",
"db": "VULHUB",
"id": "VHN-89975"
},
{
"date": "2016-02-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-000029"
},
{
"date": "2016-02-19T19:59:02.127000",
"db": "NVD",
"id": "CVE-2016-1156"
},
{
"date": "2016-02-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-389"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-11T00:00:00",
"db": "VULHUB",
"id": "VHN-89975"
},
{
"date": "2016-03-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-000029"
},
{
"date": "2020-05-11T18:38:26.967000",
"db": "NVD",
"id": "CVE-2016-1156"
},
{
"date": "2020-05-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-389"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201602-389"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "LINE for Windows and LINE for Mac OS vulnerable to denial-of-service (DoS)",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-000029"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201602-389"
}
],
"trust": 0.6
}
}
VAR-201408-0035
Vulnerability from variot - Updated: 2023-12-18 12:57LINE 3.2.1.83 and earlier on Windows and 3.2.1 and earlier on OS X does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. LINE is prone to a security-bypass vulnerability because the application fails to properly validate SSL certificates. Successfully exploiting this issue allows attackers to perform man-in-the-middle attacks or impersonate trusted servers, which will aid in further attacks. NHN PlayArt LINE is a set of instant chat software developed by Japan NHN PlayArt Company. The software supports free calls, sending text messages and more. There are security vulnerabilities in NHN PlayArt LINE 3.2.1.83 and earlier versions based on Windows platform and NHN PlayArt LINE 3.2.1 and earlier versions based on OS X platform
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201408-0035",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "line",
"scope": "lte",
"trust": 1.0,
"vendor": "linecorp",
"version": "3.2.1.83"
},
{
"model": "line",
"scope": "lte",
"trust": 1.0,
"vendor": "linecorp",
"version": "3.2.1"
},
{
"model": "line",
"scope": "lte",
"trust": 0.8,
"vendor": "line",
"version": "3.2.1 (mac os x)"
},
{
"model": "line",
"scope": "lte",
"trust": 0.8,
"vendor": "line",
"version": "3.2.1.83 (windows)"
},
{
"model": "line",
"scope": "eq",
"trust": 0.6,
"vendor": "linecorp",
"version": "3.2.1.83"
},
{
"model": "line",
"scope": "eq",
"trust": 0.6,
"vendor": "linecorp",
"version": "3.2.1"
},
{
"model": "line",
"scope": "eq",
"trust": 0.3,
"vendor": "line",
"version": "3.2.1.83"
},
{
"model": "line",
"scope": "eq",
"trust": 0.3,
"vendor": "line",
"version": "3.2.1"
}
],
"sources": [
{
"db": "BID",
"id": "69336"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006631"
},
{
"db": "NVD",
"id": "CVE-2013-7144"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-261"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:linecorp:line:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.2.1.83",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:linecorp:line:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.2.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-7144"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "nu Sub Kittikul",
"sources": [
{
"db": "BID",
"id": "69336"
}
],
"trust": 0.3
},
"cve": "CVE-2013-7144",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2013-7144",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-67146",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-7144",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201408-261",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-67146",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-67146"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006631"
},
{
"db": "NVD",
"id": "CVE-2013-7144"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-261"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "LINE 3.2.1.83 and earlier on Windows and 3.2.1 and earlier on OS X does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. LINE is prone to a security-bypass vulnerability because the application fails to properly validate SSL certificates. \nSuccessfully exploiting this issue allows attackers to perform man-in-the-middle attacks or impersonate trusted servers, which will aid in further attacks. NHN PlayArt LINE is a set of instant chat software developed by Japan NHN PlayArt Company. The software supports free calls, sending text messages and more. There are security vulnerabilities in NHN PlayArt LINE 3.2.1.83 and earlier versions based on Windows platform and NHN PlayArt LINE 3.2.1 and earlier versions based on OS X platform",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-7144"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006631"
},
{
"db": "BID",
"id": "69336"
},
{
"db": "VULHUB",
"id": "VHN-67146"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-7144",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006631",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201408-261",
"trust": 0.7
},
{
"db": "BID",
"id": "69336",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-67146",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-67146"
},
{
"db": "BID",
"id": "69336"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006631"
},
{
"db": "NVD",
"id": "CVE-2013-7144"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-261"
}
]
},
"id": "VAR-201408-0035",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-67146"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:57:56.401000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://linecorp.com/"
},
{
"title": "Line_2014_325.1395901470",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=51682"
},
{
"title": "LineInst3.6.0.32.1402034880",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=51681"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-006631"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-261"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-310",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-67146"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006631"
},
{
"db": "NVD",
"id": "CVE-2013-7144"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "https://www.thaicert.or.th/papers/general/2013/pa2013ge010.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-7144"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-7144"
},
{
"trust": 0.3,
"url": "http://line.me/en/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-67146"
},
{
"db": "BID",
"id": "69336"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006631"
},
{
"db": "NVD",
"id": "CVE-2013-7144"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-261"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-67146"
},
{
"db": "BID",
"id": "69336"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006631"
},
{
"db": "NVD",
"id": "CVE-2013-7144"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-261"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-08-16T00:00:00",
"db": "VULHUB",
"id": "VHN-67146"
},
{
"date": "2013-12-20T00:00:00",
"db": "BID",
"id": "69336"
},
{
"date": "2014-08-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-006631"
},
{
"date": "2014-08-16T04:39:55.613000",
"db": "NVD",
"id": "CVE-2013-7144"
},
{
"date": "2014-08-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201408-261"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-08-18T00:00:00",
"db": "VULHUB",
"id": "VHN-67146"
},
{
"date": "2013-12-20T00:00:00",
"db": "BID",
"id": "69336"
},
{
"date": "2014-08-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-006631"
},
{
"date": "2014-08-18T14:51:08.033000",
"db": "NVD",
"id": "CVE-2013-7144"
},
{
"date": "2014-08-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201408-261"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201408-261"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on LINE Vulnerable to server impersonation",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-006631"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201408-261"
}
],
"trust": 0.6
}
}
FKIE_CVE-2015-0897
Vulnerability from fkie_nvd - Published: 2023-10-31 10:15 - Updated: 2024-11-21 02:23
Severity ?
Summary
LINE for Android version 5.0.2 and earlier and LINE for iOS version 5.0.0 and earlier are vulnerable to MITM (man-in-the-middle) attack since the application allows non-SSL/TLS communications. As a result, any API may be invoked from a script injected by a MITM (man-in-the-middle) attacker.
References
| URL | Tags | ||
|---|---|---|---|
| vultures@jpcert.or.jp | http://official-blog.line.me/ja/archives/24809761.html | Vendor Advisory | |
| vultures@jpcert.or.jp | https://jvn.jp/en/jp/JVN41281927/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://official-blog.line.me/ja/archives/24809761.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://jvn.jp/en/jp/JVN41281927/ | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:line:line:*:*:*:*:*:iphone_os:*:*",
"matchCriteriaId": "D980A5EF-C417-4FEF-987C-0E64C5581CA3",
"versionEndIncluding": "5.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:line:line:*:*:*:*:*:android:*:*",
"matchCriteriaId": "884285C7-A2A4-40A5-9B68-01DA5D34E69F",
"versionEndIncluding": "5.0.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "LINE for Android version 5.0.2 and earlier and LINE for iOS version 5.0.0 and earlier are vulnerable to MITM (man-in-the-middle) attack since the application allows non-SSL/TLS communications. As a result, any API may be invoked from a script injected by a MITM (man-in-the-middle) attacker."
},
{
"lang": "es",
"value": "LINE para Android versi\u00f3n 5.0.2 y anteriores y LINE para iOS versi\u00f3n 5.0.0 y anteriores son vulnerables a ataques MITM (man-in-the-middle) ya que la aplicaci\u00f3n permite comunicaciones que no sean SSL/TLS. Como resultado, cualquier API puede ser invocada desde un script inyectado por un atacante MITM (man-in-the-middle)."
}
],
"id": "CVE-2015-0897",
"lastModified": "2024-11-21T02:23:57.423",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-31T10:15:08.450",
"references": [
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
],
"url": "http://official-blog.line.me/ja/archives/24809761.html"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
],
"url": "https://jvn.jp/en/jp/JVN41281927/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://official-blog.line.me/ja/archives/24809761.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://jvn.jp/en/jp/JVN41281927/"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-924"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2015-0897 (GCVE-0-2015-0897)
Vulnerability from cvelistv5 – Published: 2023-10-31 09:28 – Updated: 2024-09-12 20:00
VLAI?
Summary
LINE for Android version 5.0.2 and earlier and LINE for iOS version 5.0.0 and earlier are vulnerable to MITM (man-in-the-middle) attack since the application allows non-SSL/TLS communications. As a result, any API may be invoked from a script injected by a MITM (man-in-the-middle) attacker.
Severity ?
No CVSS data available.
CWE
- Script injection
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| LINE Corporation | LINE for Android |
Affected:
version 5.0.2 and earlier
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:26:11.396Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "http://official-blog.line.me/ja/archives/24809761.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN41281927/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2015-0897",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-06T15:23:24.014755Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-12T20:00:26.126Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "LINE for Android",
"vendor": "LINE Corporation",
"versions": [
{
"status": "affected",
"version": "version 5.0.2 and earlier"
}
]
},
{
"product": "LINE for iOS",
"vendor": "LINE Corporation",
"versions": [
{
"status": "affected",
"version": "version 5.0.0 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "LINE for Android version 5.0.2 and earlier and LINE for iOS version 5.0.0 and earlier are vulnerable to MITM (man-in-the-middle) attack since the application allows non-SSL/TLS communications. As a result, any API may be invoked from a script injected by a MITM (man-in-the-middle) attacker."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Script injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-31T09:28:50.586Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "http://official-blog.line.me/ja/archives/24809761.html"
},
{
"url": "https://jvn.jp/en/jp/JVN41281927/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2015-0897",
"datePublished": "2023-10-31T09:28:50.586Z",
"dateReserved": "2015-01-08T00:00:00.000Z",
"dateUpdated": "2024-09-12T20:00:26.126Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0897 (GCVE-0-2015-0897)
Vulnerability from nvd – Published: 2023-10-31 09:28 – Updated: 2024-09-12 20:00
VLAI?
Summary
LINE for Android version 5.0.2 and earlier and LINE for iOS version 5.0.0 and earlier are vulnerable to MITM (man-in-the-middle) attack since the application allows non-SSL/TLS communications. As a result, any API may be invoked from a script injected by a MITM (man-in-the-middle) attacker.
Severity ?
No CVSS data available.
CWE
- Script injection
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| LINE Corporation | LINE for Android |
Affected:
version 5.0.2 and earlier
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:26:11.396Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "http://official-blog.line.me/ja/archives/24809761.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN41281927/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2015-0897",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-06T15:23:24.014755Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-12T20:00:26.126Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "LINE for Android",
"vendor": "LINE Corporation",
"versions": [
{
"status": "affected",
"version": "version 5.0.2 and earlier"
}
]
},
{
"product": "LINE for iOS",
"vendor": "LINE Corporation",
"versions": [
{
"status": "affected",
"version": "version 5.0.0 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "LINE for Android version 5.0.2 and earlier and LINE for iOS version 5.0.0 and earlier are vulnerable to MITM (man-in-the-middle) attack since the application allows non-SSL/TLS communications. As a result, any API may be invoked from a script injected by a MITM (man-in-the-middle) attacker."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Script injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-31T09:28:50.586Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "http://official-blog.line.me/ja/archives/24809761.html"
},
{
"url": "https://jvn.jp/en/jp/JVN41281927/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2015-0897",
"datePublished": "2023-10-31T09:28:50.586Z",
"dateReserved": "2015-01-08T00:00:00.000Z",
"dateUpdated": "2024-09-12T20:00:26.126Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}