mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 17:21:36 +00:00
102 lines
3.1 KiB
JSON
102 lines
3.1 KiB
JSON
{
|
|
"id": "CVE-2011-2486",
|
|
"sourceIdentifier": "secalert@redhat.com",
|
|
"published": "2012-11-19T12:10:48.917",
|
|
"lastModified": "2013-09-01T06:24:51.890",
|
|
"vulnStatus": "Modified",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "nspluginwrapper before 1.4.4 does not properly provide access to NPNVprivateModeBool variable settings, which could prevent Firefox plugins from determining if they should run in Private Browsing mode and allow remote attackers to bypass intended access restrictions, as demonstrated using Flash."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "nspluginwrapper antes de v1.4.4 no proporciona adecuadamente acceso a la variable de configuraci\u00f3n NPNVprivateModeBool, lo que podr\u00eda impedir a algunos plugins de Firefox a la hora de determinar si se deben ejecutar en el modo de navegaci\u00f3n privada y permitir de esta forma a atacantes remotos evitar las restricciones de acceso, tal y como se demostr\u00f3 con el uso inapropiado de Flash.\r\n"
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 5.0
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 2.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-264"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:nspluginwrapper:nspluginwrapper:1.4.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "87E01B32-8F5C-4327-993B-7C43D1B45E7E"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://lwn.net/Alerts/524725/",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://rhn.redhat.com/errata/RHSA-2012-1459.html",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.securitytracker.com/id?1027757",
|
|
"source": "secalert@redhat.com",
|
|
"tags": [
|
|
"Patch"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://bugzilla.novell.com/show_bug.cgi?id=702034",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=715384",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "https://github.com/davidben/nspluginwrapper/commit/7e4ab8e1189846041f955e6c83f72bc1624e7a98",
|
|
"source": "secalert@redhat.com"
|
|
}
|
|
]
|
|
} |