1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
|
Candidate: CVE-2011-2486
PublicDate: 2012-11-19
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2486
Description:
nspluginwrapper before 1.4.4 does not properly provide access to
NPNVprivateModeBool variable settings, which could prevent Firefox plugins
from determining if they should run in Private Browsing mode and allow
remote attackers to bypass intended access restrictions, as demonstrated
using Flash.
Ubuntu-Description:
Notes:
Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=715384
Priority: low
Discovered-by:
Assigned-to:
Patches_nspluginwrapper:
patch: https://github.com/davidben/nspluginwrapper/commit/7e4ab8e1189846041f955e6c83f72bc1624e7a98
upstream_nspluginwrapper: needs-triage
hardy_nspluginwrapper: ignored (reached end-of-life)
lucid_nspluginwrapper: ignored (reached end-of-life)
maverick_nspluginwrapper: ignored (reached end-of-life)
natty_nspluginwrapper: ignored (reached end-of-life)
oneiric_nspluginwrapper: not-affected
precise_nspluginwrapper: not-affected
quantal_nspluginwrapper: not-affected
raring_nspluginwrapper: not-affected
saucy_nspluginwrapper: not-affected
devel_nspluginwrapper: not-affected
|