{
  "threat_severity" : "Low",
  "public_date" : "2011-03-25T00:00:00Z",
  "bugzilla" : {
    "description" : "nspluginwrapper: NPNVprivateModeBool variable not forwarded",
    "id" : "715384",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=715384"
  },
  "cvss" : {
    "cvss_base_score" : "2.6",
    "cvss_scoring_vector" : "AV:N/AC:H/Au:N/C:P/I:N/A:N",
    "status" : "verified"
  },
  "details" : [ "nspluginwrapper before 1.4.4 does not properly provide access to NPNVprivateModeBool variable settings, which could prevent Firefox plugins from determining if they should run in Private Browsing mode and allow remote attackers to bypass intended access restrictions, as demonstrated using Flash." ],
  "statement" : "Red Hat Enterprise Linux 5 is now in Production 3 Phase of the support and maintenance life cycle. This has been rated as having Low security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "release_date" : "2012-11-13T00:00:00Z",
    "advisory" : "RHSA-2012:1459",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6",
    "package" : "nspluginwrapper-0:1.4.4-1.el6_3"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Will not fix",
    "package_name" : "nspluginwrapper",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2011-2486\nhttps://nvd.nist.gov/vuln/detail/CVE-2011-2486" ],
  "name" : "CVE-2011-2486",
  "csaw" : false
}