CVE-2011-4328 - OpenCVE

plugin/npapi/plugin.cpp in Gnash before 0.8.10 uses weak permissions (world readable) for cookie files with predictable names in /tmp, which allows local users to obtain sensitive information.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Gnu	Gnash

Configuration 1 [-]

OR	cpe:2.3:a:gnu:gnash::::::::
	cpe:2.3:a:gnu:gnash:0.8.5:::::::*
	cpe:2.3:a:gnu:gnash:0.8.7:::::::*
	cpe:2.3:a:gnu:gnash:0.8.8:::::::*
	cpe:2.3:a:gnu:gnash:0.8.9:rc4::::::

No data.

References

Link	Providers
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=649384
http://git.savannah.gnu.org/gitweb/?p=gnash.git%3Ba=commitdiff%3Bh=fa481c116e65ccf9137c7ddc8abc3cf05dc12f55
http://lists.opensuse.org/opensuse-updates/2012-03/msg00003.html
http://lists.opensuse.org/opensuse-updates/2012-03/msg00026.html
http://secunia.com/advisories/48325
http://secunia.com/advisories/48466
http://www.debian.org/security/2012/dsa-2435
http://www.openwall.com/lists/oss-security/2011/11/21/12
http://www.openwall.com/lists/oss-security/2011/11/21/7
http://www.osvdb.org/77243
http://www.securityfocus.com/bid/50747
https://bugzilla.redhat.com/show_bug.cgi?id=755518

History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2012-06-16T00:00:00

Updated: 2024-08-07T00:01:51.570Z

Reserved: 2011-11-04T00:00:00

Link: CVE-2011-4328

Vulnrichment

No data.

NVD

Status : Modified

Published: 2012-06-16T00:55:05.357

Modified: 2023-02-13T04:32:49.543

Link: CVE-2011-4328

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-11-20T00:00:00", "descriptions": [{"lang": "en", "value": "plugin/npapi/plugin.cpp in Gnash before 0.8.10 uses weak permissions (world readable) for cookie files with predictable names in /tmp, which allows local users to obtain sensitive information."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2014-01-03T22:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "[oss-security] 20111121 Re: CVE Request (minor) -- gnash -- Unsafe management of HTTP cookies", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2011/11/21/12"}, {"name": "openSUSE-SU-2012:0330", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2012-03/msg00003.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.savannah.gnu.org/gitweb/?p=gnash.git%3Ba=commitdiff%3Bh=fa481c116e65ccf9137c7ddc8abc3cf05dc12f55"}, {"name": "[oss-security] 20111121 CVE Request (minor) -- gnash -- Unsafe management of HTTP cookies", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2011/11/21/7"}, {"name": "48325", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/48325"}, {"name": "50747", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/50747"}, {"tags": ["x_refsource_MISC"], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=649384"}, {"name": "openSUSE-SU-2012:0369", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2012-03/msg00026.html"}, {"name": "DSA-2435", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2012/dsa-2435"}, {"name": "77243", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/77243"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=755518"}, {"name": "48466", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/48466"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T00:01:51.570Z"}, "title": "CVE Program Container", "references": [{"name": "[oss-security] 20111121 Re: CVE Request (minor) -- gnash -- Unsafe management of HTTP cookies", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2011/11/21/12"}, {"name": "openSUSE-SU-2012:0330", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-updates/2012-03/msg00003.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://git.savannah.gnu.org/gitweb/?p=gnash.git%3Ba=commitdiff%3Bh=fa481c116e65ccf9137c7ddc8abc3cf05dc12f55"}, {"name": "[oss-security] 20111121 CVE Request (minor) -- gnash -- Unsafe management of HTTP cookies", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2011/11/21/7"}, {"name": "48325", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/48325"}, {"name": "50747", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/50747"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=649384"}, {"name": "openSUSE-SU-2012:0369", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-updates/2012-03/msg00026.html"}, {"name": "DSA-2435", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2012/dsa-2435"}, {"name": "77243", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/77243"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=755518"}, {"name": "48466", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/48466"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2011-4328", "datePublished": "2012-06-16T00:00:00", "dateReserved": "2011-11-04T00:00:00", "dateUpdated": "2024-08-07T00:01:51.570Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gnu:gnash:*:*:*:*:*:*:*:*", "matchCriteriaId": "05274F4A-C18C-4A79-8F5D-60C72342BB5C", "versionEndIncluding": "0.8.9", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:gnash:0.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "3FB00A25-37A0-46EE-9811-99946225D7C3", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:gnash:0.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "3CAADE3B-38A3-4663-AAC5-4D3EB885DE5A", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:gnash:0.8.8:*:*:*:*:*:*:*", "matchCriteriaId": "74D91B3F-C6EF-4E46-929D-E3D02D93808A", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:gnash:0.8.9:rc4:*:*:*:*:*:*", "matchCriteriaId": "39CCB5F6-1871-42FF-9E75-BAB6108CACC1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "plugin/npapi/plugin.cpp in Gnash before 0.8.10 uses weak permissions (world readable) for cookie files with predictable names in /tmp, which allows local users to obtain sensitive information."}, {"lang": "es", "value": "En el archivo plugin/npapi/plugin.cpp en Gnash anterior a versi\u00f3n 0.8.10, utiliza permisos d\u00e9biles (legibles en todo el mundo) para archivos de cookies con nombres predecibles en /tmp, lo que permite a los usuarios locales obtener informaci\u00f3n confidencial."}], "id": "CVE-2011-4328", "lastModified": "2023-02-13T04:32:49.543", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-06-16T00:55:05.357", "references": [{"source": "secalert@redhat.com", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=649384"}, {"source": "secalert@redhat.com", "url": "http://git.savannah.gnu.org/gitweb/?p=gnash.git%3Ba=commitdiff%3Bh=fa481c116e65ccf9137c7ddc8abc3cf05dc12f55"}, {"source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-updates/2012-03/msg00003.html"}, {"source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-updates/2012-03/msg00026.html"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/48325"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/48466"}, {"source": "secalert@redhat.com", "url": "http://www.debian.org/security/2012/dsa-2435"}, {"source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2011/11/21/12"}, {"source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2011/11/21/7"}, {"source": "secalert@redhat.com", "url": "http://www.osvdb.org/77243"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/50747"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=755518"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}