NVD

Id
9265  
Name
CVE-2011-2486  
Description
nspluginwrapper before 1.4.4 does not properly provide access to NPNVprivateModeBool variable settings, which could prevent Firefox plugins from determining if they should run in Private Browsing mode and allow remote attackers to bypass intended access restrictions, as demonstrated using Flash.  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-07  
Published
2012-11-19  
Modified Date
2013-09-01  
Seq
2011-2486  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
52960 9265 CVE-2011-2486 http://lwn.net/Alerts/524725/  View
52961 9265 CVE-2011-2486 RHSA-2012:1459  View
52962 9265 CVE-2011-2486 1027757  View
52963 9265 CVE-2011-2486 https://bugzilla.novell.com/show_bug.cgi?id=702034  View
52964 9265 CVE-2011-2486 https://bugzilla.redhat.com/show_bug.cgi?id=715384  View
52965 9265 CVE-2011-2486 https://github.com/davidben/nspluginwrapper/commit/7e4ab8e1189846041f955e6c83f72bc1624e7a98  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
34955 JVNDB-2011-005197 nspluginwrapper におけるアクセス制限を回避される脆弱性 nspluginwrapper は、プライベートブラウジングモードが実行されている場合、Firefox のプラグインを防止することができる NPNVprivateModeBool 変数設定へのアクセス権限を適切に付与しないため、アクセス制限を回避される脆弱性が存在します。 CVE-2011-2486 50393 CVE-2011-2486 9265 5 http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-005197.html 2011-06-30 2012-11-20 View