Vulnerabilites related to LINE Corporation - LINE for Windows
CVE-2022-22820 (GCVE-0-2022-22820)
Vulnerability from cvelistv5
Published
2022-01-20 11:47
Modified
2024-08-03 03:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Due to the lack of media file checks before rendering, it was possible for an attacker to cause abnormal CPU consumption for message recipient by sending specially crafted gif image in LINE for Windows before 7.4.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| LINE Corporation | LINE for Windows |
Version: < |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:21:49.159Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/1357400"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "LINE for Windows",
"vendor": "LINE Corporation",
"versions": [
{
"status": "affected",
"version": "\u003c"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Due to the lack of media file checks before rendering, it was possible for an attacker to cause abnormal CPU consumption for message recipient by sending specially crafted gif image in LINE for Windows before 7.4."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-20T11:47:43",
"orgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
"shortName": "LINE"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/1357400"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "dl_cve@linecorp.com",
"ID": "CVE-2022-22820",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "LINE for Windows",
"version": {
"version_data": [
{
"version_affected": "7.4",
"version_value": "\u003c"
}
]
}
}
]
},
"vendor_name": "LINE Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Due to the lack of media file checks before rendering, it was possible for an attacker to cause abnormal CPU consumption for message recipient by sending specially crafted gif image in LINE for Windows before 7.4."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://hackerone.com/reports/1357400",
"refsource": "MISC",
"url": "https://hackerone.com/reports/1357400"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
"assignerShortName": "LINE",
"cveId": "CVE-2022-22820",
"datePublished": "2022-01-20T11:47:43",
"dateReserved": "2022-01-07T00:00:00",
"dateUpdated": "2024-08-03T03:21:49.159Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-29505 (GCVE-0-2022-29505)
Vulnerability from cvelistv5
Published
2022-04-27 14:28
Modified
2024-08-03 06:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Due to build misconfiguration in openssl dependency, LINE for Windows before 7.8 is vulnerable to DLL injection that could lead to privilege escalation.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| LINE Corporation | LINE for Windows |
Version: < |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:26:05.981Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/1423049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "LINE for Windows",
"vendor": "LINE Corporation",
"versions": [
{
"status": "affected",
"version": "\u003c"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Due to build misconfiguration in openssl dependency, LINE for Windows before 7.8 is vulnerable to DLL injection that could lead to privilege escalation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-27T14:28:30",
"orgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
"shortName": "LINE"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/1423049"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "dl_cve@linecorp.com",
"ID": "CVE-2022-29505",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "LINE for Windows",
"version": {
"version_data": [
{
"version_affected": "7.8",
"version_value": "\u003c"
}
]
}
}
]
},
"vendor_name": "LINE Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Due to build misconfiguration in openssl dependency, LINE for Windows before 7.8 is vulnerable to DLL injection that could lead to privilege escalation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://hackerone.com/reports/1423049",
"refsource": "MISC",
"url": "https://hackerone.com/reports/1423049"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
"assignerShortName": "LINE",
"cveId": "CVE-2022-29505",
"datePublished": "2022-04-27T14:28:30",
"dateReserved": "2022-04-19T00:00:00",
"dateUpdated": "2024-08-03T06:26:05.981Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-36216 (GCVE-0-2021-36216)
Vulnerability from cvelistv5
Published
2021-09-08 17:50
Modified
2024-08-04 00:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
LINE for Windows 6.2.1.2289 and before allows arbitrary code execution via malicious DLL injection.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| LINE Corporation | LINE for Windows |
Version: <= |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:54:50.701Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/950688"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "LINE for Windows",
"vendor": "LINE Corporation",
"versions": [
{
"status": "affected",
"version": "\u003c="
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "LINE for Windows 6.2.1.2289 and before allows arbitrary code execution via malicious DLL injection."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-08T17:50:44",
"orgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
"shortName": "LINE"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/950688"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "dl_cve@linecorp.com",
"ID": "CVE-2021-36216",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "LINE for Windows",
"version": {
"version_data": [
{
"version_affected": "6.2.1.2289",
"version_value": "\u003c="
}
]
}
}
]
},
"vendor_name": "LINE Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "LINE for Windows 6.2.1.2289 and before allows arbitrary code execution via malicious DLL injection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-427"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://hackerone.com/reports/950688",
"refsource": "MISC",
"url": "https://hackerone.com/reports/950688"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
"assignerShortName": "LINE",
"cveId": "CVE-2021-36216",
"datePublished": "2021-09-08T17:50:44",
"dateReserved": "2021-07-07T00:00:00",
"dateUpdated": "2024-08-04T00:54:50.701Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}