The (1) WebGL.compressedTexImage2D and (2) WebGL.compressedTexSubImage2D
functions in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow
remote attackers to bypass the Same Origin Policy and render content in a
different domain via unspecified vectors.