QwikSec

Security Database

CVE

CWE

Training

CVE-2011-2486

Published: Nov 19, 2012

Modified: Aug 6, 2024

PUBLISHED

Description

nspluginwrapper before 1.4.4 does not properly provide access to NPNVprivateModeBool variable settings, which could prevent Firefox plugins from determining if they should run in Private Browsing mode and allow remote attackers to bypass intended access restrictions, as demonstrated using Flash.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://bugzilla.novell.com/show_bug.cgi?id=702034

x_refsource_CONFIRM

https://github.com/davidben/nspluginwrapper/commit/7e4ab8e1189846041f955e6c83f72bc1624e7a98

x_refsource_MISC

vendor-advisory

x_refsource_REDHAT

vdb-entry

x_refsource_SECTRACK

http://lwn.net/Alerts/524725/

x_refsource_MISC

https://bugzilla.redhat.com/show_bug.cgi?id=715384

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.