Vulnerability-Lookup

Search criteria ⓘ Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

Full-Text Search

Vendor

Product

Assigner

Sources

Sort by

Order

Apply ordering (override relevance)

1 vulnerability found for niconico by DWANGO Co., Ltd.

JVNDB-2015-000137

Vulnerability from jvndb - Published: 2015-09-29 14:05 - Updated:2018-03-07 12:26

Severity ?

N/A (UNKNOWN) - -

Summary

niconico App for iOS fails to verify SSL server certificates

Details

niconico App for iOS provided by DWANGO Co., Ltd. fails to verify SSL server certificates. AOKI Keiichi reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

References

Type

URL

	JVN	http://jvn.jp/en/jp/JVN20355129/index.html
	CVE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5639
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-5639
	No Mapping(CWE-Other)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

Vendor

Product

DWANGO Co., Ltd.

niconico

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000137.html",
  "dc:date": "2018-03-07T12:26+09:00",
  "dcterms:issued": "2015-09-29T14:05+09:00",
  "dcterms:modified": "2018-03-07T12:26+09:00",
  "description": "niconico App for iOS provided by DWANGO Co., Ltd. fails to verify SSL server certificates.\r\n\r\nAOKI Keiichi reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
  "link": "https://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000137.html",
  "sec:cpe": {
    "#text": "cpe:/a:dwango:niconico",
    "@product": "niconico",
    "@vendor": "DWANGO Co., Ltd.",
    "@version": "2.2"
  },
  "sec:cvss": {
    "@score": "4.0",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2015-000137",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN20355129/index.html",
      "@id": "JVN#20355129",
      "@source": "JVN"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5639",
      "@id": "CVE-2015-5639",
      "@source": "CVE"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2015-5639",
      "@id": "CVE-2015-5639",
      "@source": "NVD"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-Other",
      "@title": "No Mapping(CWE-Other)"
    }
  ],
  "title": "niconico App for iOS fails to verify SSL server certificates"
}

Search criteria ⓘ Use this form to refine search results. Full-text search supports keyword queries with ranking and filtering. You can combine vendor, product, and sources to narrow results. Enable “Apply ordering” to sort by date instead of relevance.

1 vulnerability found for niconico by DWANGO Co., Ltd.

JVNDB-2015-000137

Search criteria ⓘ Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.