CVE-2011-4328

Published: 16 June 2012

plugin/npapi/plugin.cpp in Gnash before 0.8.10 uses weak permissions (world readable) for cookie files with predictable names in /tmp, which allows local users to obtain sensitive information.

Priority

Medium

Status

Package Release Status
gnash
Launchpad, Ubuntu, Debian
Upstream
Released (0.8.10-1)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (0.8.10-3ubuntu1)