5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.01 Low
EPSS
Percentile
83.5%
CentOS Errata and Security Advisory CESA-2012:1459
nspluginwrapper is a utility which allows 32-bit plug-ins to run in a
64-bit browser environment (a common example is Adobe’s browser plug-in for
presenting proprietary Flash files embedded in web pages). It includes the
plug-in viewer and a tool for managing plug-in installations and updates.
It was not possible for plug-ins wrapped by nspluginwrapper to discover
whether the browser was running in Private Browsing mode. This flaw could
lead to plug-ins wrapped by nspluginwrapper using normal mode while they
were expected to run in Private Browsing mode. (CVE-2011-2486)
This update also fixes the following bug:
All users of nspluginwrapper are advised to upgrade to these updated
packages, which upgrade nspluginwrapper to upstream version 1.4.4, and
correct these issues. After installing the update, Firefox must be
restarted for the changes to take effect.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2012-November/081154.html
Affected packages:
nspluginwrapper
Upstream details at:
https://access.redhat.com/errata/RHSA-2012:1459
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 6 | i686 | nspluginwrapper | < 1.4.4-1.el6_3 | nspluginwrapper-1.4.4-1.el6_3.i686.rpm |
CentOS | 6 | i686 | nspluginwrapper | < 1.4.4-1.el6_3 | nspluginwrapper-1.4.4-1.el6_3.i686.rpm |
CentOS | 6 | x86_64 | nspluginwrapper | < 1.4.4-1.el6_3 | nspluginwrapper-1.4.4-1.el6_3.x86_64.rpm |