LINE PLAY - Your Avatar World - Dangerous filesystem permissions, Exported ContentProvider, Hardcoded secrets vulnerabilities

HackApp vulnerability scanner discovered that application LINE PLAY - Your Avatar World published at the 'play' market has multiple vulnerabilities...

CVE-2014-6980

The LINE PLAY aka jp.naver.lineplay.android application 2.3.1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

Information disclosure

The LINE PLAY aka jp.naver.lineplay.android application 2.3.1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

CVE-2014-6980

The LINE PLAY aka jp.naver.lineplay.android application 2.3.1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

CVE-2014-6980

The CVE-2014-6980 entry concerns the LINE PLAY Android app (version 2.3.1.1). The vulnerability is an inability to verify X.509 SSL certificates, enabling MITM attackers to spoof servers and obtain sensitive information via a crafted certificate. According to NVD data, the impact is PARTIAL confi...