VYPR
Unrated severityNVD Advisory· Published Jun 16, 2012· Updated Jun 16, 2026

CVE-2011-4328

CVE-2011-4328

Description

plugin/npapi/plugin.cpp in Gnash before 0.8.10 uses weak permissions (world readable) for cookie files with predictable names in /tmp, which allows local users to obtain sensitive information.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6
  • GNU/Gnash6 versions
    cpe:2.3:a:gnu:gnash:*:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:a:gnu:gnash:*:*:*:*:*:*:*:*range: <=0.8.9
    • cpe:2.3:a:gnu:gnash:0.8.5:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:gnash:0.8.7:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:gnash:0.8.8:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:gnash:0.8.9:rc4:*:*:*:*:*:*
    • (no CPE)range: <0.8.10

Patches

Vulnerability mechanics

References

12

News mentions

0

No linked articles in our index yet.