Search
Find a vulnerability
Search criteria
2 vulnerabilities by hatena
CVE-2018-0560 (GCVE-0-2018-0560)
Vulnerability from cvelistv5 – Published: 2018-04-16 13:00 – Updated: 2024-08-05 03:28
VLAI
Summary
Hatena Bookmark App for iOS Version 3.0 to 3.70 allows remote attackers to spoof the address bar via vectors related to URL display.
Severity
No CVSS data available.
CWE
- Address bar spoofing
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://bookmark.hatenastaff.com/entry/2018/04/09/170000 | x_refsource_CONFIRM |
| http://jvn.jp/en/jp/JVN77753476/index.html | third-party-advisoryx_refsource_JVN |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hatena co.,ltd. | Hatena Bookmark App for iOS |
Affected:
Version 3.0 to 3.70
|
Date Public
2018-04-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:28:11.121Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bookmark.hatenastaff.com/entry/2018/04/09/170000"
},
{
"name": "JVN#77753476",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN77753476/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Hatena Bookmark App for iOS",
"vendor": "Hatena co.,ltd.",
"versions": [
{
"status": "affected",
"version": "Version 3.0 to 3.70"
}
]
}
],
"datePublic": "2018-04-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Hatena Bookmark App for iOS Version 3.0 to 3.70 allows remote attackers to spoof the address bar via vectors related to URL display."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Address bar spoofing",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-16T12:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bookmark.hatenastaff.com/entry/2018/04/09/170000"
},
{
"name": "JVN#77753476",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN77753476/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2018-0560",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Hatena Bookmark App for iOS",
"version": {
"version_data": [
{
"version_value": "Version 3.0 to 3.70"
}
]
}
}
]
},
"vendor_name": "Hatena co.,ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Hatena Bookmark App for iOS Version 3.0 to 3.70 allows remote attackers to spoof the address bar via vectors related to URL display."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Address bar spoofing"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://bookmark.hatenastaff.com/entry/2018/04/09/170000",
"refsource": "CONFIRM",
"url": "http://bookmark.hatenastaff.com/entry/2018/04/09/170000"
},
{
"name": "JVN#77753476",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN77753476/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2018-0560",
"datePublished": "2018-04-16T13:00:00.000Z",
"dateReserved": "2017-11-27T00:00:00.000Z",
"dateUpdated": "2024-08-05T03:28:11.121Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-4701 (GCVE-0-2011-4701)
Vulnerability from cvelistv5 – Published: 2012-01-25 02:00 – Updated: 2024-09-16 20:41
VLAI
Summary
The CallConfirm (jp.gr.java_conf.ofnhwx.callconfirm) application 2.0.0 for Android does not properly protect data, which allows remote attackers to read or modify allow/block lists via a crafted application.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://www4.comp.polyu.edu.hk/~appsec/bugs/CVE-20… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:16:34.822Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www4.comp.polyu.edu.hk/~appsec/bugs/CVE-2011-4701-vulnerability-in-CallConfirm.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The CallConfirm (jp.gr.java_conf.ofnhwx.callconfirm) application 2.0.0 for Android does not properly protect data, which allows remote attackers to read or modify allow/block lists via a crafted application."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-01-25T02:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www4.comp.polyu.edu.hk/~appsec/bugs/CVE-2011-4701-vulnerability-in-CallConfirm.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-4701",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The CallConfirm (jp.gr.java_conf.ofnhwx.callconfirm) application 2.0.0 for Android does not properly protect data, which allows remote attackers to read or modify allow/block lists via a crafted application."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www4.comp.polyu.edu.hk/~appsec/bugs/CVE-2011-4701-vulnerability-in-CallConfirm.html",
"refsource": "MISC",
"url": "http://www4.comp.polyu.edu.hk/~appsec/bugs/CVE-2011-4701-vulnerability-in-CallConfirm.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-4701",
"datePublished": "2012-01-25T02:00:00.000Z",
"dateReserved": "2011-12-08T00:00:00.000Z",
"dateUpdated": "2024-09-16T20:41:40.869Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}