The Norton Identity Safe product prior to 5.3.0.976 may be susceptible to a privilege escalation issue via a hard coded IV, which is a type of vulnerability that can potentially increase the likelihood of encrypted data being recovered without adequate credentials.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/105146 | Third Party Advisory VDB Entry |
https://support.symantec.com/en_US/article.SYMSA1460.html | Mitigation Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: symantec
Published: 2018-08-22T00:00:00
Updated: 2018-08-30T09:57:01
Reserved: 2018-06-12T00:00:00
Link: CVE-2018-12240
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-08-29T20:29:00.233
Modified: 2020-07-15T15:45:49.127
Link: CVE-2018-12240
JSON object: View
Redhat Information
No data.
CWE