Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-2988

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2011-2988
Last Modified 29 Apr 2015 09:59:17
Published 18 Aug 2011 02:55:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-2988

Summary

Buffer overflow in an unspecified string class in the WebGL shader implementation in Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long source-code block for a shader.

Vulnerable Systems

Application

  • Mozilla Firefox 4.0

  • Mozilla Firefox 4.0.1

  • Mozilla Firefox 5.0


References

CONFIRM - https://bugzilla.mozilla.org/show_bug.cgi?id=665936

CONFIRM - http://www.mozilla.org/security/announce/2011/mfsa2011-33.html

CONFIRM - http://www.mozilla.org/security/announce/2011/mfsa2011-31.html

CONFIRM - http://www.mozilla.org/security/announce/2011/mfsa2011-29.html

SUSE - SUSE-SA:2011:037

SECUNIA - 49055

BID - 49242


Last Updated: 27 May 2016 10:55:05