CVE-2015-0897

Q: What is CVE-2015-0897?

CVE-2015-0897 is a vulnerability in LINE for Android version 5.0.2 and earlier and LINE for iOS version 5.0.0 and earlier that allows MITM (man-in-the-middle) attacks due to the application allowing non-SSL/TLS communications.

Q: How severe is CVE-2015-0897?

CVE-2015-0897 has a severity rating of 5.9, which is classified as medium.

Q: How can a non-SSL/TLS communication vulnerability be exploited?

A MITM (man-in-the-middle) attacker can exploit the non-SSL/TLS communication vulnerability in CVE-2015-0897 to inject a script and invoke any API in the LINE application.

Q: Which versions of LINE for Android are affected by CVE-2015-0897?

LINE for Android versions up to and including 5.0.2 are affected by CVE-2015-0897.

Q: Which versions of LINE for iOS are affected by CVE-2015-0897?

LINE for iOS versions up to and including 5.0.0 are affected by CVE-2015-0897.

Published Oct 31, 2023

Updated

LINE for Android version 5.0.2 and earlier and LINE for iOS version 5.0.0 and earlier are vulnerable to MITM (man-in-the-middle) attack since the application allows non-SSL/TLS communications. As a result, any API may be invoked from a script injected by a MITM (man-in-the-middle) attacker.

Affected Software

2 affected components

LINE Line Iphone Os<=5.0.0

LINE Line Android<=5.0.2

Event History

Oct 31, 2023

CVE Published

09:28 AM

Data Sourced

09:28 AM

DescriptionWeakness

Frequently Asked Questions

What is CVE-2015-0897?

CVE-2015-0897 is a vulnerability in LINE for Android version 5.0.2 and earlier and LINE for iOS version 5.0.0 and earlier that allows MITM (man-in-the-middle) attacks due to the application allowing non-SSL/TLS communications.

How severe is CVE-2015-0897?

CVE-2015-0897 has a severity rating of 5.9, which is classified as medium.

How can a non-SSL/TLS communication vulnerability be exploited?

A MITM (man-in-the-middle) attacker can exploit the non-SSL/TLS communication vulnerability in CVE-2015-0897 to inject a script and invoke any API in the LINE application.

Which versions of LINE for Android are affected by CVE-2015-0897?

LINE for Android versions up to and including 5.0.2 are affected by CVE-2015-0897.

Which versions of LINE for iOS are affected by CVE-2015-0897?

LINE for iOS versions up to and including 5.0.0 are affected by CVE-2015-0897.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

CVE-2015-0897 - SecAlerts