Lucene search
RootSSV:20655HistoryJun 25, 2011 - 12:00 a.m.
Mozilla Firefox WebGL越界读取信息泄露漏洞
2011-06-2500:00:00
Root
www.seebug.org
26
EPSS
0.013
Percentile
86.1%
BUGTRAQ ID: 48371
CVE ID: CVE-2011-2366
Firefox是一款非常流行的开源WEB浏览器。
Mozilla Firefox在实现上存在信息泄露漏洞,远程攻击者可利用此漏洞绕过同源策略并获取敏感信息。
WebGL代码中存在两个崩溃。一个是由于越界读取,可被利用从在GPU中存储数据的其他进程中读取数据。第二个崩溃是由于无效写入,可被利用执行任意代码。
Mozilla Firefox 4.0.x
Mozilla Firefox 3.x
Mozilla Thunderbird 3.x
Mozilla Thunderbird 2.x
Mozilla SeaMonkey 2.x
Mozilla SeaMonkey 1.x
厂商补丁:
Mozilla
Mozilla已经为此发布了一个安全公告(2011-26)以及相应补丁:
2011-26:Mozilla Foundation Security Advisory 2011-26
链接:http://www.mozilla.org/security/announce/2011/mfsa2011-26.html
Related
mozilla
mozilla
Stealing of cross-domain images using WebGL textures — Mozilla
2011-06-21 00:00:00
cve
cve
CVE-2011-2366
2011-06-30 15:55:03
ubuntucve
ubuntucve
CVE-2011-2366
2011-06-24 00:00:00
cvelist
cvelist
CVE-2011-2366
2011-06-30 15:26:00
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2011-25) - Linux
2021-11-11 00:00:00
prion
prion
Cross site scripting
2011-06-30 15:55:00
nvd
nvd
CVE-2011-2366
2011-06-30 15:55:03
ubuntu
ubuntu
Firefox regression
2011-06-23 00:00:00
Firefox vulnerabilities
2011-06-22 00:00:00
mozvoikko, ubufox, webfav update
2011-06-22 00:00:00
nessus
nessus
SeaMonkey < 2.2.0 Multiple Vulnerabilities
2011-08-17 00:00:00
Ubuntu 11.04 : mozvoikko, ubufox, webfav update (USN-1157-2)
2011-06-23 00:00:00
Ubuntu 11.04 : firefox vulnerabilities (USN-1157-1)
2011-06-23 00:00:00
suse
suse
remote code execution in MozillaFirefox,MozillaThunderbird
2011-07-05 17:43:33
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2011-06-23 00:00:00
osv
osv
MozillaFirefox-50.1.0-1.1 on GA media
2024-06-15 00:00:00