CVE-2016-6587
Last modified
CVE-2016-6587 is a medium-severity vulnerability rated 5.5/10 on the CVSS scale. An Information Disclosure vulnerability exists in the mid.dat file stored on the SD card in Symantec Norton Mobile Security for Android before 3.16, which could let a local malicious user obtain sensitive information.. EPSS estimates a 0.46% chance of exploitation in the next 30 days.
Description
An Information Disclosure vulnerability exists in the mid.dat file stored on the SD card in Symantec Norton Mobile Security for Android before 3.16, which could let a local malicious user obtain sensitive information.
Metrics
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Symantec | Norton Mobile Security | < 3.16 |
References
- http://www.securityfocus.com/bid/93858Third Party Advisory, VDB Entry
- http://www.securitytracker.com/id/1037225Third Party Advisory, VDB Entry
- https://support.symantec.com/us/en/article.symsa1384.htmlThird Party Advisory
- https://vuldb.com/?id.93273Permissions Required, Third Party Advisory
- http://www.securityfocus.com/bid/93858Third Party Advisory, VDB Entry
- http://www.securitytracker.com/id/1037225Third Party Advisory, VDB Entry
- https://support.symantec.com/us/en/article.symsa1384.htmlThird Party Advisory
- https://vuldb.com/?id.93273Permissions Required, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2016-6587?
How severe is CVE-2016-6587?
How do I fix CVE-2016-6587?
Are you affected by CVE-2016-6587?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST