LINE CVE-2013-7144 X.509 Certificate Validation Security Bypass Vulnerability
BID:69336
Info
LINE CVE-2013-7144 X.509 Certificate Validation Security Bypass Vulnerability
| Bugtraq ID: | 69336 |
| Class: | Design Error |
| CVE: |
CVE-2013-7144 |
| Remote: | Yes |
| Local: | No |
| Published: | Dec 20 2013 12:00AM |
| Updated: | Dec 20 2013 12:00AM |
| Credit: | nu Sub Kittikul |
| Vulnerable: |
LINE Corporation LINE 3.2.1.83 LINE Corporation LINE 3.2.1 |
| Not Vulnerable: | |
Discussion
LINE CVE-2013-7144 X.509 Certificate Validation Security Bypass Vulnerability
LINE is prone to a security-bypass vulnerability because the application fails to properly validate SSL certificates.
Successfully exploiting this issue allows attackers to perform man-in-the-middle attacks or impersonate trusted servers, which will aid in further attacks.
LINE is prone to a security-bypass vulnerability because the application fails to properly validate SSL certificates.
Successfully exploiting this issue allows attackers to perform man-in-the-middle attacks or impersonate trusted servers, which will aid in further attacks.
Solution / Fix
LINE CVE-2013-7144 X.509 Certificate Validation Security Bypass Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
LINE CVE-2013-7144 X.509 Certificate Validation Security Bypass Vulnerability
References:
References:
- Thailand Surt LINE application vulnerabilities, hackers can intercept the inform (Center for Computer Systems Security)
- LINE Homepage (LINE Corporation)