CVE-2011-4328
Published: 16 June 2012
plugin/npapi/plugin.cpp in Gnash before 0.8.10 uses weak permissions (world readable) for cookie files with predictable names in /tmp, which allows local users to obtain sensitive information.
Priority
Status
Package | Release | Status |
---|---|---|
gnash Launchpad, Ubuntu, Debian |
hardy |
Ignored
(end of life)
|
lucid |
Ignored
(end of life)
|
|
maverick |
Ignored
(end of life)
|
|
natty |
Ignored
(end of life)
|
|
oneiric |
Ignored
(end of life)
|
|
precise |
Released
(0.8.10-3ubuntu1)
|
|
quantal |
Released
(0.8.10-3ubuntu1)
|
|
raring |
Released
(0.8.10-3ubuntu1)
|
|
saucy |
Released
(0.8.10-3ubuntu1)
|
|
upstream |
Released
(0.8.10-1)
|