PT-2020-8043 · Symantec · Symantec Norton Mobile Security

Published

2020-01-08

Updated

2020-01-15

CVE-2016-6586

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions: Symantec Norton Mobile Security for Android versions prior to 3.16

Description: A security bypass issue exists, potentially allowing a malicious user to conduct a man-in-the-middle attack via specially crafted JavaScript. This could enable the addition of arbitrary URLs to the URL whitelist.

Recommendations: For versions prior to 3.16, update to version 3.16 or later to resolve the issue.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2016-6586

Affected Products

Symantec Norton Mobile Security

PT-2020-8043 · Symantec · Symantec Norton Mobile Security

CVE-2016-6586

Weakness Enumeration

Related Identifiers

Affected Products

References · 5