CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-15528
https://notcve.org/view.php?id=CVE-2017-15528
Prior to v 7.6, the Install Norton Security (INS) product can be susceptible to a certificate spoofing vulnerability, which is a type of attack whereby a maliciously procured certificate binds the public key of an attacker to the domain name of the target. Antes de la versión 7.6, el producto Install Norton Security (INS) puede ser susceptible a una vulnerabilidad de suplantación de certificados. En este ataque, un certificado adquirido de manera maliciosa enlaza la clave pública de un atacante al nombre de dominio del objetivo. • http://www.securityfocus.com/bid/101796 https://www.info-sec.ca/advisories/Norton-Security.html https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20171121_00 • CWE-295: Improper Certificate Validation •