Bug 715384 (CVE-2011-2486) - CVE-2011-2486 nspluginwrapper: NPNVprivateModeBool variable not forwarded
Summary: CVE-2011-2486 nspluginwrapper: NPNVprivateModeBool variable not forwarded
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2011-2486
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 870073 870074
Blocks: 712354 870103
TreeView+ depends on / blocked
 
Reported: 2011-06-22 18:07 UTC by Josh Bressers
Modified: 2021-02-24 15:12 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-02-26 23:03:17 UTC


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2012:1459 0 normal SHIPPED_LIVE Low: nspluginwrapper security and bug fix update 2012-11-13 19:06:01 UTC

Description Josh Bressers 2011-06-22 18:07:22 UTC
nspluginwrapper forwards variable values requested via NPN_GetValue from
firefox to the plugins it wraps around. One of the variables,
NPNVprivateModeBool, is used to tell the plugin if firefox is in private
browsing mode. The flash plugin (when it is wrapped by nspluginwrapper)
queries the browser via nsplugin wrapper and changes its behaviour
accordingly. However, the nspluginwrapper versions in RHEL-5 and RHEL-6 do
not implement this variable and simply return an error:

*** NSPlugin Viewer *** WARNING: unhandled variable 18 (<unknown variable>) in NPN_GetValue()

where the enum 18 is NPNVprivateModeBool. As a result, the flash player may
continue to run as if the browser is not in private mode.

The fix for this issue can be found here:
https://github.com/davidben/nspluginwrapper/commit/7e4ab8e1189846041f955e6c83f72bc1624e7a98

Comment 1 Martin Stransky 2011-06-22 20:09:52 UTC
Yeah, that's for me.

Comment 2 Josh Bressers 2011-06-28 16:13:04 UTC
The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw.

Comment 3 Tomas Dosek 2012-09-11 06:41:54 UTC
Raising priority and severity of the case, as we have a customer affected by this issue.

Versions of packages used in their environment:

firefox-10.0.7-1.el6_3.x86_64
nspluginwrapper-1.3.0-14.el6.x86_64
nspluginwrapper-1.3.0-14.el6.i686
flash-plugin-11.2.202.238-1.el6.i686

Comment 8 errata-xmlrpc 2012-11-13 14:06:26 UTC
This issue has been addressed in following products:

  Red Hat Enterprise Linux 6

Via RHSA-2012:1459 https://rhn.redhat.com/errata/RHSA-2012-1459.html

Comment 9 Vincent Danen 2015-02-26 23:03:17 UTC
Statement:

Red Hat Enterprise Linux 5 is now in Production 3 Phase of the support and maintenance life cycle. This has been rated as having Low security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.


Note You need to log in before you can comment on or make changes to this bug.