Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-2598

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2011-2598
Last Modified 26 Jan 2012 11:01:15
Published 30 Jun 2011 11:55:04
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-2598

Summary

The WebGL implementation in Mozilla Firefox 4.x allows remote attackers to obtain screenshots of the windows of arbitrary desktop applications via vectors involving an SVG filter, an IFRAME element, and uninitialized data in graphics memory.

Vulnerable Systems

Application

  • Mozilla Firefox 4.0

  • Mozilla Firefox 4.0.1


References

MISC - http://www.theregister.co.uk/2011/06/16/webgl_security_threats_redux/

BID - 48319

MISC - http://www.contextis.com/resources/blog/webgl2/

CONFIRM - http://blog.mozilla.com/security/2011/06/16/webgl-graphics-memory-stealing-issue/


Last Updated: 27 May 2016 10:57:03