Search

Find a vulnerability

Search criteria

    1 vulnerability found for Yahoo! Japan Shopping by Yahoo Japan Corporation

    JVNDB-2013-000079

    Vulnerability from jvndb - Published: 2013-08-19 15:50 - Updated:2013-08-23 18:42
    Severity
    N/A (UNKNOWN) - -
    Summary
    Yahoo! Japan Shopping for Android contains an issue where it fails to verify SSL server certificates
    Details
    Yahoo! Japan Shopping for Android provided by Yahoo Japan Corporation contains an issue where it fails to verify SSL server certificates. Zachary Mathis of Proactive Defense (Kobe Digital Labo) reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000079.html",
      "dc:date": "2013-08-23T18:42+09:00",
      "dcterms:issued": "2013-08-19T15:50+09:00",
      "dcterms:modified": "2013-08-23T18:42+09:00",
      "description": "Yahoo! Japan Shopping for Android provided by Yahoo Japan Corporation contains an issue where it fails to verify SSL server certificates.\r\n\r\nZachary Mathis of Proactive Defense (Kobe Digital Labo) reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000079.html",
      "sec:cpe": {
        "#text": "cpe:/a:misc:japan_shopping",
        "@product": "Yahoo! Japan Shopping",
        "@vendor": "Yahoo Japan Corporation",
        "@version": "2.2"
      },
      "sec:cvss": {
        "@score": "2.6",
        "@severity": "Low",
        "@type": "Base",
        "@vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2013-000079",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN75084836/index.html",
          "@id": "JVN#75084836",
          "@source": "JVN"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4700",
          "@id": "CVE-2013-4700",
          "@source": "CVE"
        },
        {
          "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4700",
          "@id": "CVE-2013-4700",
          "@source": "NVD"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-Other",
          "@title": "No Mapping(CWE-Other)"
        }
      ],
      "title": "Yahoo! Japan Shopping for Android contains an issue where it fails to verify SSL server certificates"
    }