36 matches found
EUVD-2013-4552
Malware in sbrugna...
EUVD-2012-2631
Malware in sbrugna...
EUVD-2013-4553
Malware in sbrugna...
EUVD-2014-5768
Malware in sbrugna...
CVE-2024-28895
'Yahoo! JAPAN' App for Android v2.3.1 to v3.161.1 and 'Yahoo! JAPAN' App for iOS v3.2.2 to v4.109.0 contain a cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed on the WebView of 'Yahoo! JAPAN' App via other app installed on the user's devi...
CVE-2013-4700
The Yahoo! Japan Shopping application 1.4 and earlier for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2013-4699
The Yahoo! Japan Yafuoku! application 4.3.0 and earlier for iOS and Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2024-28895
'Yahoo! JAPAN' App for Android v2.3.1 to v3.161.1 and 'Yahoo! JAPAN' App for iOS v3.2.2 to v4.109.0 contain a cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed on the WebView of 'Yahoo! JAPAN' App via other app installed on the user's devi...
CVE-2024-28895
'Yahoo! JAPAN' App for Android v2.3.1 to v3.161.1 and 'Yahoo! JAPAN' App for iOS v3.2.2 to v4.109.0 contain a cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed on the WebView of 'Yahoo! JAPAN' App via other app installed on the user's devi...
CVE-2024-28895
'Yahoo! JAPAN' App for Android v2.3.1 to v3.161.1 and 'Yahoo! JAPAN' App for iOS v3.2.2 to v4.109.0 contain a cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed on the WebView of 'Yahoo! JAPAN' App via other app installed on the user's devi...
CVE-2024-28895
CVE-2024-28895 is a cross-site scripting vulnerability in the Yahoo! JAPAN App for Android (2.3.1–3.161.1) and iOS (3.2.2–4.109.0). The root cause is a WebView-based XSS (CWE-79) that could allow an arbitrary script to execute in the WebView via another app on the device. Exploitation details are...
PT-2024-22635 · Yahoo · Yahoo! Japan App For Android +1
Name of the Vulnerable Software and Affected Versions: Yahoo! JAPAN App for Android versions 2.3.1 through 3.161.1 Yahoo! JAPAN App for iOS versions 3.2.2 through 4.109.0 Description: The issue is related to a cross-site scripting vulnerability. If exploited, an arbitrary script may be executed o...
"Yahoo! JAPAN" App vulnerable to cross-site scripting
Overview "Yahoo! JAPAN" App provided by LY Corporation contains a cross-site scripting vulnerability CWE-79. Shiga Takuma of BroadBand Security, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An...
Yahoo! JAPAN 安全漏洞
Yahoo! JAPAN is a portal website of Yahoo! A security vulnerability exists in Yahoo! JAPAN versions v2.3.1 through v3.161.1, which originates from an arbitrary script that can be executed via the WebView of an application installed on a user's device...
JVN#23528780: "Yahoo! JAPAN" App vulnerable to cross-site scripting
"Yahoo! JAPAN" App provided by LY Corporation contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the WebView of "Yahoo! JAPAN" App via other app installed on the user's device. Solution Update the application Update the application to the latest...
fortune.yahoo.co.jp XSS vulnerability
Vulnerable URL: https://fortune.yahoo.co.jp/stw/genie/swf/input.swf?ty=w&op1;=&op2;==p=javascript:alert/OPENBUGBOUNTY/ Details: Description| Value ---|--- Patched:| Yes, at 04.09.2017 Latest check for patch:| 04.09.2017 09:04 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed...
Yahoo! Japan Box for Android issue where it fails to verify SSL server certificates
Overview Yahoo! Japan Box for Android provided by Yahoo Japan Corporation contains an issue where it fails to verify SSL server certificates. Yahoo Japan Corporation reported this vulnerability to JPCERT/CC to notify users of this issue through JVN. JPCERT/CC coordinated with Yahoo Japan...
JVN#48270605: Yahoo! Japan Box for Android issue where it fails to verify SSL server certificates
Yahoo! Japan Box for Android provided by Yahoo Japan Corporation contains an issue where it fails to verify SSL server certificates. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the Software Update to the latest version...
CVE-2014-5881
The Yahoo! Japan Box aka jp.co.yahoo.android.ybox application 1.5.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
Information disclosure
The Yahoo! Japan Box aka jp.co.yahoo.android.ybox application 1.5.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...