CVE-2011-2486
N/A
N/A
Summary
nspluginwrapper before 1.4.4 does not properly provide access to NPNVprivateModeBool variable settings, which could prevent Firefox plugins from determining if they should run in Private Browsing mode and allow remote attackers to bypass intended access restrictions, as demonstrated using Flash.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://bugzilla.novell.com/show_bug.cgi?id=702034
- https://github.com/davidben/nspluginwrapper/commit/7e4ab8e1189846041f955e6c83f72bc1624e7a98
- http://rhn.redhat.com/errata/RHSA-2012-1459.html
- http://www.securitytracker.com/id?1027757
- http://lwn.net/Alerts/524725/
- https://bugzilla.redhat.com/show_bug.cgi?id=715384
References
- https://bugzilla.novell.com/show_bug.cgi?id=702034
- https://github.com/davidben/nspluginwrapper/commit/7e4ab8e1189846041f955e6c83f72bc1624e7a98
- http://rhn.redhat.com/errata/RHSA-2012-1459.html
- http://www.securitytracker.com/id?1027757
- http://lwn.net/Alerts/524725/
- https://bugzilla.redhat.com/show_bug.cgi?id=715384
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.