JVN#48270605: Yahoo! Japan Box for Android issue where it fails to verify SSL server certificates

2014-09-25T00:00:00
ID JVN:48270605
Type jvn
Reporter Japan Vulnerability Notes
Modified 2014-09-25T00:00:00

Description

## Description

Yahoo! Japan Box for Android provided by Yahoo Japan Corporation contains an issue where it fails to verify SSL server certificates.

## Impact

A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication.

## Solution

Update the Software
Update to the latest version according to the information provided by the developer.

## Products Affected

  • Yahoo! Japan Box for Android ver 1.5.4 and earlier