CVE-2011-2486 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2011-2486 Interim 1 10 2022-10-15T17:58:27Z current 2021-05-30T12:58:11Z 2022-10-15T17:58:27Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2011-2486 nspluginwrapper before 1.4.4 does not properly provide access to NPNVprivateModeBool variable settings, which could prevent Firefox plugins from determining if they should run in Private Browsing mode and allow remote attackers to bypass intended access restrictions, as demonstrated using Flash. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Tumbleweed nspluginwrapper-1.4.4-16.6 nspluginwrapper-1.4.4-16.6 as a component of openSUSE Tumbleweed nspluginwrapper before 1.4.4 does not properly provide access to NPNVprivateModeBool variable settings, which could prevent Firefox plugins from determining if they should run in Private Browsing mode and allow remote attackers to bypass intended access restrictions, as demonstrated using Flash. CVE-2011-2486 openSUSE Tumbleweed:nspluginwrapper-1.4.4-16.6 moderate 5 AV:N/AC:L/Au:N/C:N/I:P/A:N