Search
Find a vulnerability
Search criteria
4 vulnerabilities found for Norton Password Manager by Symantec Corporation
CVE-2019-12755 (GCVE-0-2019-12755)
Vulnerability from nvd – Published: 2019-09-17 15:49 – Updated: 2024-08-04 23:32
VLAI
Summary
Norton Password Manager, prior to 6.5.0.2104, may be susceptible to an information disclosure issue, which is a type of vulnerability whereby there is an unintentional disclosure of information to an actor that is not explicitly authorized to have access to that information.
Severity
No CVSS data available.
CWE
- Information Disclosure
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://support.symantec.com/us/en/article.SYMSA1… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Symantec Corporation | Norton Password Manager |
Affected:
Prior to 6.5.0.2104
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:32:55.302Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1493.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Norton Password Manager",
"vendor": "Symantec Corporation",
"versions": [
{
"status": "affected",
"version": "Prior to 6.5.0.2104"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Norton Password Manager, prior to 6.5.0.2104, may be susceptible to an information disclosure issue, which is a type of vulnerability whereby there is an unintentional disclosure of information to an actor that is not explicitly authorized to have access to that information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-17T15:49:23.000Z",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1493.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2019-12755",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Norton Password Manager",
"version": {
"version_data": [
{
"version_value": "Prior to 6.5.0.2104"
}
]
}
}
]
},
"vendor_name": "Symantec Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Norton Password Manager, prior to 6.5.0.2104, may be susceptible to an information disclosure issue, which is a type of vulnerability whereby there is an unintentional disclosure of information to an actor that is not explicitly authorized to have access to that information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.symantec.com/us/en/article.SYMSA1493.html",
"refsource": "CONFIRM",
"url": "https://support.symantec.com/us/en/article.SYMSA1493.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2019-12755",
"datePublished": "2019-09-17T15:49:23.000Z",
"dateReserved": "2019-06-06T00:00:00.000Z",
"dateUpdated": "2024-08-04T23:32:55.302Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-18362 (GCVE-0-2018-18362)
Vulnerability from nvd – Published: 2018-12-06 19:00 – Updated: 2024-08-05 11:08
VLAI
Summary
Norton Password Manager for Android (formerly Norton Identity Safe) may be susceptible to a cross site scripting (XSS) exploit, which is a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to potentially bypass access controls such as the same-origin policy.
Severity
No CVSS data available.
CWE
- Cross Site Scripting
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://support.symantec.com/en_US/article.SYMSA1… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/106055 | vdb-entryx_refsource_BID |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Symantec Corporation | Norton Password Manager |
Affected:
Prior to 6.1.0.1045
|
Date Public
2018-12-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:08:21.415Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.symantec.com/en_US/article.SYMSA1470.html"
},
{
"name": "106055",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106055"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Norton Password Manager",
"vendor": "Symantec Corporation",
"versions": [
{
"status": "affected",
"version": "Prior to 6.1.0.1045"
}
]
}
],
"datePublic": "2018-12-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Norton Password Manager for Android (formerly Norton Identity Safe) may be susceptible to a cross site scripting (XSS) exploit, which is a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to potentially bypass access controls such as the same-origin policy."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-07T10:57:01.000Z",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.symantec.com/en_US/article.SYMSA1470.html"
},
{
"name": "106055",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106055"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2018-18362",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Norton Password Manager",
"version": {
"version_data": [
{
"version_value": "Prior to 6.1.0.1045"
}
]
}
}
]
},
"vendor_name": "Symantec Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Norton Password Manager for Android (formerly Norton Identity Safe) may be susceptible to a cross site scripting (XSS) exploit, which is a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to potentially bypass access controls such as the same-origin policy."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.symantec.com/en_US/article.SYMSA1470.html",
"refsource": "CONFIRM",
"url": "https://support.symantec.com/en_US/article.SYMSA1470.html"
},
{
"name": "106055",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106055"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2018-18362",
"datePublished": "2018-12-06T19:00:00.000Z",
"dateReserved": "2018-10-15T00:00:00.000Z",
"dateUpdated": "2024-08-05T11:08:21.415Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-12755 (GCVE-0-2019-12755)
Vulnerability from cvelistv5 – Published: 2019-09-17 15:49 – Updated: 2024-08-04 23:32
VLAI
Summary
Norton Password Manager, prior to 6.5.0.2104, may be susceptible to an information disclosure issue, which is a type of vulnerability whereby there is an unintentional disclosure of information to an actor that is not explicitly authorized to have access to that information.
Severity
No CVSS data available.
CWE
- Information Disclosure
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://support.symantec.com/us/en/article.SYMSA1… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Symantec Corporation | Norton Password Manager |
Affected:
Prior to 6.5.0.2104
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:32:55.302Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1493.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Norton Password Manager",
"vendor": "Symantec Corporation",
"versions": [
{
"status": "affected",
"version": "Prior to 6.5.0.2104"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Norton Password Manager, prior to 6.5.0.2104, may be susceptible to an information disclosure issue, which is a type of vulnerability whereby there is an unintentional disclosure of information to an actor that is not explicitly authorized to have access to that information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-17T15:49:23.000Z",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1493.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2019-12755",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Norton Password Manager",
"version": {
"version_data": [
{
"version_value": "Prior to 6.5.0.2104"
}
]
}
}
]
},
"vendor_name": "Symantec Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Norton Password Manager, prior to 6.5.0.2104, may be susceptible to an information disclosure issue, which is a type of vulnerability whereby there is an unintentional disclosure of information to an actor that is not explicitly authorized to have access to that information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.symantec.com/us/en/article.SYMSA1493.html",
"refsource": "CONFIRM",
"url": "https://support.symantec.com/us/en/article.SYMSA1493.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2019-12755",
"datePublished": "2019-09-17T15:49:23.000Z",
"dateReserved": "2019-06-06T00:00:00.000Z",
"dateUpdated": "2024-08-04T23:32:55.302Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-18362 (GCVE-0-2018-18362)
Vulnerability from cvelistv5 – Published: 2018-12-06 19:00 – Updated: 2024-08-05 11:08
VLAI
Summary
Norton Password Manager for Android (formerly Norton Identity Safe) may be susceptible to a cross site scripting (XSS) exploit, which is a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to potentially bypass access controls such as the same-origin policy.
Severity
No CVSS data available.
CWE
- Cross Site Scripting
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://support.symantec.com/en_US/article.SYMSA1… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/106055 | vdb-entryx_refsource_BID |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Symantec Corporation | Norton Password Manager |
Affected:
Prior to 6.1.0.1045
|
Date Public
2018-12-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:08:21.415Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.symantec.com/en_US/article.SYMSA1470.html"
},
{
"name": "106055",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106055"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Norton Password Manager",
"vendor": "Symantec Corporation",
"versions": [
{
"status": "affected",
"version": "Prior to 6.1.0.1045"
}
]
}
],
"datePublic": "2018-12-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Norton Password Manager for Android (formerly Norton Identity Safe) may be susceptible to a cross site scripting (XSS) exploit, which is a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to potentially bypass access controls such as the same-origin policy."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-07T10:57:01.000Z",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.symantec.com/en_US/article.SYMSA1470.html"
},
{
"name": "106055",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106055"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2018-18362",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Norton Password Manager",
"version": {
"version_data": [
{
"version_value": "Prior to 6.1.0.1045"
}
]
}
}
]
},
"vendor_name": "Symantec Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Norton Password Manager for Android (formerly Norton Identity Safe) may be susceptible to a cross site scripting (XSS) exploit, which is a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to potentially bypass access controls such as the same-origin policy."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.symantec.com/en_US/article.SYMSA1470.html",
"refsource": "CONFIRM",
"url": "https://support.symantec.com/en_US/article.SYMSA1470.html"
},
{
"name": "106055",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106055"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2018-18362",
"datePublished": "2018-12-06T19:00:00.000Z",
"dateReserved": "2018-10-15T00:00:00.000Z",
"dateUpdated": "2024-08-05T11:08:21.415Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}