Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-2599

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2011-2599
Last Modified 26 Jan 2012 11:01:15
Published 30 Jun 2011 11:55:04
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-2599

Summary

Google Chrome 11 does not block use of a cross-domain image as a WebGL texture, which allows remote attackers to obtain approximate copies of arbitrary images via a timing attack involving a crafted WebGL fragment shader.

Vulnerable Systems

Application

  • Google Chrome 11


References

MISC - http://www.contextis.co.uk/resources/blog/webgl/

MLIST - [whatwg] 20110314 Canvas and drawWindow


Last Updated: 27 May 2016 10:57:03