Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-2367

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2011-2367
Last Modified 26 Jan 2012 11:00:48
Published 30 Jun 2011 12:55:05
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-2367

Summary

The WebGL implementation in Mozilla Firefox 4.x through 4.0.1 does not properly restrict read operations, which allows remote attackers to obtain sensitive information from GPU memory associated with an arbitrary process, or cause a denial of service (application crash), via unspecified vectors.

Vulnerable Systems

Application

  • Mozilla Firefox 4.0

  • Mozilla Firefox 4.0.1


References

CONFIRM - https://bugzilla.mozilla.org/show_bug.cgi?id=656752

CONFIRM - http://www.mozilla.org/security/announce/2011/mfsa2011-26.html

SUSE - SUSE-SA:2011:028


Last Updated: 27 May 2016 10:57:00