Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

1 vulnerability found for Yuko Yuko App for Android by Yuko Yuko Corporation

JVNDB-2014-000111

Vulnerability from jvndb - Published: 2014-09-22 13:50 - Updated:2014-09-22 13:50
Severity ?
N/A (UNKNOWN) - -
Summary
Yuko Yuko App for Android fails to verify SSL server certificates
Details
Yuko Yuko App for Android provided by Yuko Yuko Corporation fails to verify SSL server certificates. Shunsuke Taniguchi of LAC Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
Show details on JVN DB website
To clipboard 

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2014/JVNDB-2014-000111.html",
  "dc:date": "2014-09-22T13:50+09:00",
  "dcterms:issued": "2014-09-22T13:50+09:00",
  "dcterms:modified": "2014-09-22T13:50+09:00",
  "description": "Yuko Yuko App for Android provided by Yuko Yuko Corporation fails to verify SSL server certificates.\r\n\r\nShunsuke Taniguchi of LAC Co., Ltd. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
  "link": "https://jvndb.jvn.jp/en/contents/2014/JVNDB-2014-000111.html",
  "sec:cpe": {
    "#text": "cpe:/a:yukoyuko:yuko_yuko",
    "@product": "Yuko Yuko App for Android",
    "@vendor": "Yuko Yuko Corporation",
    "@version": "2.2"
  },
  "sec:cvss": {
    "@score": "4.0",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2014-000111",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN04560253/index.html",
      "@id": "JVN#04560253",
      "@source": "JVN"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5323",
      "@id": "CVE-2014-5323",
      "@source": "CVE"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2014-5323",
      "@id": "CVE-2014-5323",
      "@source": "NVD"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-Other",
      "@title": "No Mapping(CWE-Other)"
    }
  ],
  "title": "Yuko Yuko App for Android fails to verify SSL server certificates"
}