2289 matches found
CVE-2011-2601
The GPU support functionality in Mac OS X does not properly restrict rendering time, which allows remote attackers to cause a denial of service desktop hang via vectors involving WebGL and 1 shader programs or 2 complex 3D geometry, as demonstrated by using Mozilla Firefox or Google Chrome to vis...
CVE-2011-2598
The WebGL implementation in Mozilla Firefox 4.x allows remote attackers to obtain screenshots of the windows of arbitrary desktop applications via vectors involving an SVG filter, an IFRAME element, and uninitialized data in graphics memory...
CVE-2011-2603
The CVE-2011-2603 entry affects the NVIDIA 9400M driver (version 6.2.6) on Mac OS X 10.6.7. The vulnerability allows remote attackers to cause a denial of service (desktop hang) when a crafted WebGL page is loaded in Chrome or Firefox, demonstrated by lots-of-polys-example.html in the Khronos Web...
CVE-2011-2366
Mozilla Gecko before 5.0, as used in Firefox before 5.0 and Thunderbird before 5.0, does not block use of a cross-domain image as a WebGL texture, which allows remote attackers to obtain approximate copies of arbitrary images via a timing attack involving a crafted WebGL fragment shader...
CVE-2011-2601
The CVE-2011-2601 issue affects macOS GPU WebGL rendering. The underlying problem is that GPU support does not properly constrain rendering time, allowing a remote attacker to cause a denial of service (desktop hang) through WebGL vectors. Specifically, it can be triggered by (1) shader programs ...
CVE-2011-2600
The CVE-2011-2600 issue affects the GPU support in Windows XP, where rendering time is not properly restricted. This enables remote denial of service (system crash) via WebGL vectors using (1) shader programs or (2) complex 3D geometry, demonstrated by visiting lots-of-polys-example.html in the K...
CVE-2011-2599
CVE-2011-2599 concerns Google Chrome 11, where the WebGL implementation did not block using a cross-domain image as a WebGL texture. This enables a timing attack to obtain approximate copies of arbitrary images, constituting an information disclosure vulnerability. The issue is described across m...
CVE-2011-2603
The NVIDIA 9400M driver 6.2.6 on Mac OS X 10.6.7 allows remote attackers to cause a denial of service desktop hang via a crafted web page that is visited with Google Chrome or Mozilla Firefox, as demonstrated by the lots-of-polys-example.html test page in the Khronos WebGL SDK...
CVE-2011-2604
The Intel G41 driver 6.14.10.5355 on Windows XP SP3 allows remote attackers to cause a denial of service system crash via a crafted web page that is visited with Google Chrome or Mozilla Firefox, as demonstrated by the lots-of-polys-example.html test page in the Khronos WebGL SDK...
CVE-2011-2604
The CVE-2011-2604 entry affects Intel G41 driver 6.14.10.5355 on Windows XP SP3. A crafted web page visited by Google Chrome or Mozilla Firefox can cause a denial of service (system crash), as demonstrated by lots-of-polys-example.html in the Khronos WebGL SDK. No additional remediation details a...
CVE-2011-2598
CVE-2011-2598 affects Mozilla Firefox 4.x WebGL implementation. The vulnerability allows remote attackers to obtain screenshots of the windows of arbitrary desktop applications via vectors involving an SVG filter, an IFRAME element, and uninitialized data in graphics memory. Connected sources con...
CVE-2011-2600
The GPU support functionality in Windows XP does not properly restrict rendering time, which allows remote attackers to cause a denial of service system crash via vectors involving WebGL and 1 shader programs or 2 complex 3D geometry, as demonstrated by using Mozilla Firefox or Google Chrome to...
CVE-2011-2366
CVE-2011-2366 : Gecko-based browsers (Firefox < 5.0, Thunderbird
CVE-2011-2599
Removed by vendor...
CVE-2011-2599
Google Chrome 11 does not block use of a cross-domain image as a WebGL texture, which allows remote attackers to obtain approximate copies of arbitrary images via a timing attack involving a crafted WebGL fragment shader...
Mozilla Firefox WebGL越界读取信息泄露漏洞
BUGTRAQ ID: 48371 CVE ID: CVE-2011-2366 Firefox是一款非常流行的开源WEB浏览器。 Mozilla Firefox在实现上存在信息泄露漏洞,远程攻击者可利用此漏洞绕过同源策略并获取敏感信息。 WebGL代码中存在两个崩溃。一个是由于越界读取,可被利用从在GPU中存储数据的其他进程中读取数据。第二个崩溃是由于无效写入,可被利用执行任意代码。 Mozilla Firefox 4.0.x Mozilla Firefox 3.x Mozilla Thunderbird 3.x Mozilla Thunderbird 2.x Mozilla...
CVE-2011-2367
The WebGL implementation in Mozilla Firefox 4.x through 4.0.1 does not properly restrict read operations, which allows remote attackers to obtain sensitive information from GPU memory associated with an arbitrary process, or cause a denial of service application crash, via unspecified vectors...
CVE-2011-2368
The WebGL implementation in Mozilla Firefox 4.x through 4.0.1 does not properly restrict write operations, which allows remote attackers to execute arbitrary code or cause a denial of service application crash via unspecified vectors...
CVE-2011-2366
Mozilla Gecko before 5.0, as used in Firefox before 5.0 and Thunderbird before 5.0, does not block use of a cross-domain image as a WebGL texture, which allows remote attackers to obtain approximate copies of arbitrary images via a timing attack involving a crafted WebGL fragment shader...
Ubuntu: Security Advisory (USN-1157-3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...