Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
4 vulnerabilities by hatena
CVE-2018-0560 (GCVE-0-2018-0560)
Vulnerability from cvelistv5 – Published: 2018-04-16 13:00 – Updated: 2024-08-05 03:28
VLAI
Summary
Hatena Bookmark App for iOS Version 3.0 to 3.70 allows remote attackers to spoof the address bar via vectors related to URL display.
Severity
No CVSS data available.
CWE
- Address bar spoofing
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://bookmark.hatenastaff.com/entry/2018/04/09/170000 | x_refsource_CONFIRM |
| http://jvn.jp/en/jp/JVN77753476/index.html | third-party-advisoryx_refsource_JVN |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hatena co.,ltd. | Hatena Bookmark App for iOS |
Affected:
Version 3.0 to 3.70
|
Date Public
2018-04-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:28:11.121Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bookmark.hatenastaff.com/entry/2018/04/09/170000"
},
{
"name": "JVN#77753476",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN77753476/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Hatena Bookmark App for iOS",
"vendor": "Hatena co.,ltd.",
"versions": [
{
"status": "affected",
"version": "Version 3.0 to 3.70"
}
]
}
],
"datePublic": "2018-04-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Hatena Bookmark App for iOS Version 3.0 to 3.70 allows remote attackers to spoof the address bar via vectors related to URL display."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Address bar spoofing",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-16T12:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bookmark.hatenastaff.com/entry/2018/04/09/170000"
},
{
"name": "JVN#77753476",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN77753476/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2018-0560",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Hatena Bookmark App for iOS",
"version": {
"version_data": [
{
"version_value": "Version 3.0 to 3.70"
}
]
}
}
]
},
"vendor_name": "Hatena co.,ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Hatena Bookmark App for iOS Version 3.0 to 3.70 allows remote attackers to spoof the address bar via vectors related to URL display."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Address bar spoofing"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://bookmark.hatenastaff.com/entry/2018/04/09/170000",
"refsource": "CONFIRM",
"url": "http://bookmark.hatenastaff.com/entry/2018/04/09/170000"
},
{
"name": "JVN#77753476",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN77753476/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2018-0560",
"datePublished": "2018-04-16T13:00:00.000Z",
"dateReserved": "2017-11-27T00:00:00.000Z",
"dateUpdated": "2024-08-05T03:28:11.121Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-4701 (GCVE-0-2011-4701)
Vulnerability from cvelistv5 – Published: 2012-01-25 02:00 – Updated: 2024-09-16 20:41
VLAI
Summary
The CallConfirm (jp.gr.java_conf.ofnhwx.callconfirm) application 2.0.0 for Android does not properly protect data, which allows remote attackers to read or modify allow/block lists via a crafted application.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://www4.comp.polyu.edu.hk/~appsec/bugs/CVE-20… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:16:34.822Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www4.comp.polyu.edu.hk/~appsec/bugs/CVE-2011-4701-vulnerability-in-CallConfirm.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The CallConfirm (jp.gr.java_conf.ofnhwx.callconfirm) application 2.0.0 for Android does not properly protect data, which allows remote attackers to read or modify allow/block lists via a crafted application."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-01-25T02:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www4.comp.polyu.edu.hk/~appsec/bugs/CVE-2011-4701-vulnerability-in-CallConfirm.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-4701",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The CallConfirm (jp.gr.java_conf.ofnhwx.callconfirm) application 2.0.0 for Android does not properly protect data, which allows remote attackers to read or modify allow/block lists via a crafted application."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www4.comp.polyu.edu.hk/~appsec/bugs/CVE-2011-4701-vulnerability-in-CallConfirm.html",
"refsource": "MISC",
"url": "http://www4.comp.polyu.edu.hk/~appsec/bugs/CVE-2011-4701-vulnerability-in-CallConfirm.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-4701",
"datePublished": "2012-01-25T02:00:00.000Z",
"dateReserved": "2011-12-08T00:00:00.000Z",
"dateUpdated": "2024-09-16T20:41:40.869Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0560 (GCVE-0-2018-0560)
Vulnerability from nvd – Published: 2018-04-16 13:00 – Updated: 2024-08-05 03:28
VLAI
Summary
Hatena Bookmark App for iOS Version 3.0 to 3.70 allows remote attackers to spoof the address bar via vectors related to URL display.
Severity
No CVSS data available.
CWE
- Address bar spoofing
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://bookmark.hatenastaff.com/entry/2018/04/09/170000 | x_refsource_CONFIRM |
| http://jvn.jp/en/jp/JVN77753476/index.html | third-party-advisoryx_refsource_JVN |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hatena co.,ltd. | Hatena Bookmark App for iOS |
Affected:
Version 3.0 to 3.70
|
Date Public
2018-04-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:28:11.121Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bookmark.hatenastaff.com/entry/2018/04/09/170000"
},
{
"name": "JVN#77753476",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN77753476/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Hatena Bookmark App for iOS",
"vendor": "Hatena co.,ltd.",
"versions": [
{
"status": "affected",
"version": "Version 3.0 to 3.70"
}
]
}
],
"datePublic": "2018-04-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Hatena Bookmark App for iOS Version 3.0 to 3.70 allows remote attackers to spoof the address bar via vectors related to URL display."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Address bar spoofing",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-16T12:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bookmark.hatenastaff.com/entry/2018/04/09/170000"
},
{
"name": "JVN#77753476",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN77753476/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2018-0560",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Hatena Bookmark App for iOS",
"version": {
"version_data": [
{
"version_value": "Version 3.0 to 3.70"
}
]
}
}
]
},
"vendor_name": "Hatena co.,ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Hatena Bookmark App for iOS Version 3.0 to 3.70 allows remote attackers to spoof the address bar via vectors related to URL display."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Address bar spoofing"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://bookmark.hatenastaff.com/entry/2018/04/09/170000",
"refsource": "CONFIRM",
"url": "http://bookmark.hatenastaff.com/entry/2018/04/09/170000"
},
{
"name": "JVN#77753476",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN77753476/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2018-0560",
"datePublished": "2018-04-16T13:00:00.000Z",
"dateReserved": "2017-11-27T00:00:00.000Z",
"dateUpdated": "2024-08-05T03:28:11.121Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-4701 (GCVE-0-2011-4701)
Vulnerability from nvd – Published: 2012-01-25 02:00 – Updated: 2024-09-16 20:41
VLAI
Summary
The CallConfirm (jp.gr.java_conf.ofnhwx.callconfirm) application 2.0.0 for Android does not properly protect data, which allows remote attackers to read or modify allow/block lists via a crafted application.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://www4.comp.polyu.edu.hk/~appsec/bugs/CVE-20… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:16:34.822Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www4.comp.polyu.edu.hk/~appsec/bugs/CVE-2011-4701-vulnerability-in-CallConfirm.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The CallConfirm (jp.gr.java_conf.ofnhwx.callconfirm) application 2.0.0 for Android does not properly protect data, which allows remote attackers to read or modify allow/block lists via a crafted application."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-01-25T02:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www4.comp.polyu.edu.hk/~appsec/bugs/CVE-2011-4701-vulnerability-in-CallConfirm.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-4701",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The CallConfirm (jp.gr.java_conf.ofnhwx.callconfirm) application 2.0.0 for Android does not properly protect data, which allows remote attackers to read or modify allow/block lists via a crafted application."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www4.comp.polyu.edu.hk/~appsec/bugs/CVE-2011-4701-vulnerability-in-CallConfirm.html",
"refsource": "MISC",
"url": "http://www4.comp.polyu.edu.hk/~appsec/bugs/CVE-2011-4701-vulnerability-in-CallConfirm.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-4701",
"datePublished": "2012-01-25T02:00:00.000Z",
"dateReserved": "2011-12-08T00:00:00.000Z",
"dateUpdated": "2024-09-16T20:41:40.869Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}