CVE-2010-0113
Symantec Norton Mobile Security 1.0 Beta - Unprotected Credential Exposure via Device Logs
Title source: llmDescription
The Symantec Norton Mobile Security application 1.0 Beta for Android records setup details, possibly including wipe/lock credentials, in the device logs, which allows user-assisted remote attackers to obtain potentially sensitive information by leveraging the ability of a separate crafted application to read these logs.
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/63294
Third Party Advisory x_refsource_confirm
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20101111_00
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/69253
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2010/2982
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/44767
Scores
EPSS
0.0044
EPSS Percentile
63.6%
Details
CWE
CWE-255
Status
published
Products (1)
symantec/mobile_security
1.0 beta
Published
Nov 15, 2010
Tracked Since
Feb 18, 2026