Vulnerabilities > CVE-2011-2598 - Information Exposure vulnerability in Mozilla Firefox 4.0/4.0.1

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
mozilla
CWE-200
nessus

Summary

The WebGL implementation in Mozilla Firefox 4.x allows remote attackers to obtain screenshots of the windows of arbitrary desktop applications via vectors involving an SVG filter, an IFRAME element, and uninitialized data in graphics memory.

Vulnerable Configurations

Part Description Count
Application
Mozilla
14

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Subverting Environment Variable Values
    The attacker directly or indirectly modifies environment variables used by or controlling the target software. The attacker's goal is to cause the target software to deviate from its expected operation in a manner that benefits the attacker.
  • Footprinting
    An attacker engages in probing and exploration activity to identify constituents and properties of the target. Footprinting is a general term to describe a variety of information gathering techniques, often used by attackers in preparation for some attack. It consists of using tools to learn as much as possible about the composition, configuration, and security mechanisms of the targeted application, system or network. Information that might be collected during a footprinting effort could include open ports, applications and their versions, network topology, and similar information. While footprinting is not intended to be damaging (although certain activities, such as network scans, can sometimes cause disruptions to vulnerable applications inadvertently) it may often pave the way for more damaging attacks.
  • Exploiting Trust in Client (aka Make the Client Invisible)
    An attack of this type exploits a programs' vulnerabilities in client/server communication channel authentication and data integrity. It leverages the implicit trust a server places in the client, or more importantly, that which the server believes is the client. An attacker executes this type of attack by placing themselves in the communication channel between client and server such that communication directly to the server is possible where the server believes it is communicating only with a valid client. There are numerous variations of this type of attack.
  • Browser Fingerprinting
    An attacker carefully crafts small snippets of Java Script to efficiently detect the type of browser the potential victim is using. Many web-based attacks need prior knowledge of the web browser including the version of browser to ensure successful exploitation of a vulnerability. Having this knowledge allows an attacker to target the victim with attacks that specifically exploit known or zero day weaknesses in the type and version of the browser used by the victim. Automating this process via Java Script as a part of the same delivery system used to exploit the browser is considered more efficient as the attacker can supply a browser fingerprinting method and integrate it with exploit code, all contained in Java Script and in response to the same web page request by the browser.
  • Session Credential Falsification through Prediction
    This attack targets predictable session ID in order to gain privileges. The attacker can predict the session ID used during a transaction to perform spoofing and session hijacking.

Nessus

  • NASL familyWindows
    NASL idSEAMONKEY_22.NASL
    descriptionThe installed version of SeaMonkey is earlier than 2.2.0. As such, it is potentially affected by the following security issues : - Errors in the WebGL implementation can allow the loading of WebGL textures from cross-domain images or allow the crash of the application and execution of arbitrary code. (CVE-2011-2366, CVE-2011-2368) - An out-of-bounds read error exists in the WebGL implementation that can lead to crashes and may allow an attacker to read arbitrary data from the GPU, including that of other processes. (CVE-2011-2367) - An error exists in the decoding of HTML-encoded entities contained in SVG elements. This error could lead to cross-site scripting attacks. (CVE-2011-2369) - An unspecified error exists that allows non-whitelisted sites to trigger an install dialog for add-ons and themes. (CVE-2011-2370) - When a JavaScript Array object has its length set to an extremely large value, the iteration of array elements that occurs when its reduceRight method is called could result in code execution due to an invalid index value being used. (CVE-2011-2371) - A use-after-free error when viewing XUL documents with scripts disabled could lead to code execution. (CVE-2011-2373) - Multiple memory safety issues can lead to application crashes and possibly remote code execution. (CVE-2011-2375) - A memory corruption issue due to multipart / x-mixed-replace images could lead to memory corruption. (CVE-2011-2377)
    last seen2020-06-01
    modified2020-06-02
    plugin id55884
    published2011-08-17
    reporterThis script is Copyright (C) 2011-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/55884
    titleSeaMonkey < 2.2.0 Multiple Vulnerabilities
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(55884);
      script_version("1.15");
      script_cvs_date("Date: 2018/07/27 18:38:15");
    
      script_cve_id(
        "CVE-2011-2366",
        "CVE-2011-2367",
        "CVE-2011-2368",
        "CVE-2011-2369",
        "CVE-2011-2370",
        "CVE-2011-2371",
        "CVE-2011-2373",
        "CVE-2011-2375",
        "CVE-2011-2377",
        "CVE-2011-2598"
      );
      script_bugtraq_id(
        48319,
        48365,
        48369,
        48371,
        48372,
        48373,
        48375,
        48379,
        48380
      );
      script_xref(name:"EDB-ID", value:"17974");
      script_xref(name:"EDB-ID", value:"17976");
      script_xref(name:"EDB-ID", value:"18531");
    
      script_name(english:"SeaMonkey < 2.2.0 Multiple Vulnerabilities");
      script_summary(english:"Checks version of SeaMonkey");
    
      script_set_attribute(attribute:"synopsis",value:
    "The remote Windows host contains a web browser that may be affected
    by multiple vulnerabilities."
      );
      script_set_attribute(attribute:"description",value:
    "The installed version of SeaMonkey is earlier than 2.2.0.  As such,
    it is potentially affected by the following security issues :
    
      - Errors in the WebGL implementation can allow the
        loading of WebGL textures from cross-domain images or
        allow the crash of the application and execution of 
        arbitrary code. (CVE-2011-2366, CVE-2011-2368)
    
      - An out-of-bounds read error exists in the WebGL 
        implementation that can lead to crashes and may allow
        an attacker to read arbitrary data from the GPU,
        including that of other processes. (CVE-2011-2367)
    
      - An error exists in the decoding of HTML-encoded
        entities contained in SVG elements. This error could lead
        to cross-site scripting attacks. (CVE-2011-2369)
    
      - An unspecified error exists that allows non-whitelisted
        sites to trigger an install dialog for add-ons and
        themes. (CVE-2011-2370)
    
      - When a JavaScript Array object has its length set to an
        extremely large value, the iteration of array elements
        that occurs when its reduceRight method is called could
        result in code execution due to an invalid index value
        being used. (CVE-2011-2371)
    
      - A use-after-free error when viewing XUL documents with
        scripts disabled could lead to code execution.
        (CVE-2011-2373)
    
      - Multiple memory safety issues can lead to application
        crashes and possibly remote code execution.
        (CVE-2011-2375)
    
      - A memory corruption issue due to multipart / 
        x-mixed-replace images could lead to memory corruption.
        (CVE-2011-2377)");
    
      script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2011-19/");
      script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2011-20/");
      script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2011-21/");
      script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2011-22/");
      script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2011-25/");
      script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2011-26/");
      script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2011-27/");
      script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2011-28/");
      # https://www.mozilla.org/en-US/security/known-vulnerabilities/seamonkey-2.0/
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?dc608134");
    
      script_set_attribute(attribute:"solution", value:"Upgrade to SeaMonkey 2.2.0 or later.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Mozilla Firefox Array.reduceRight() Integer Overflow');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2011/06/21");
      script_set_attribute(attribute:"patch_publication_date", value:"2010/07/07");
      script_set_attribute(attribute:"plugin_publication_date", value:"2011/08/17");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:mozilla:seamonkey");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Windows");
    
      script_copyright(english:"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.");
      script_dependencies("mozilla_org_installed.nasl");
      script_require_keys("SeaMonkey/Version");
      exit(0);
    }
    
    include("mozilla_version.inc");
    port = get_kb_item("SMB/transport");
    if (!port) port = 445;
    
    installs = get_kb_list("SMB/SeaMonkey/*");
    if (isnull(installs)) audit(AUDIT_NOT_INST, "SeaMonkey");
    
    mozilla_check_version(installs:installs, product:'seamonkey', fix:'2.2', severity:SECURITY_HOLE);
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_FIREFOX_5_0.NASL
    descriptionThe installed version of Firefox is earlier than 5.0 and thus, is potentially affected by the following security issues : - Multiple memory safety issues can lead to application crashes and possibly remote code execution. (CVE-2011-2374, CVE-2011-2375) - A use-after-free issue when viewing XUL documents with scripts disabled could lead to code execution. (CVE-2011-2373) - A memory corruption issue due to multipart / x-mixed-replace images could lead to memory corruption. (CVE-2011-2377) - When a JavaScript Array object has its length set to an extremely large value, the iteration of array elements that occurs when its reduceRight method is called could result in code execution due to an invalid index value being used. (CVE-2011-2371) - It is possible for an image from a different domain to be loaded into a WebGL texture which could be used to steal image data from a different site. (CVE-2011-2366, CVE-2011-2598) - An out-of-bounds read issue and an invalid write issue could cause the application to crash. (CVE-2011-2367, CVE-2011-2368) - HTML-encoded entities are improperly decoded when displayed inside SVG elements which could lead to cross-site scripting attacks. (CVE-2011-2369) - It is possible for a non-whitelisted site to trigger an install dialog for add-ons and themes. (CVE-2011-2370)
    last seen2020-06-01
    modified2020-06-02
    plugin id55419
    published2011-06-24
    reporterThis script is Copyright (C) 2011-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/55419
    titleFirefox < 5.0 Multiple Vulnerabilities (Mac OS X)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    if (NASL_LEVEL < 3000) exit(0);
    
    include("compat.inc");
    
    if (description)
    {
      script_id(55419);
      script_version("1.13");
      script_cvs_date("Date: 2018/07/14  1:59:35");
    
      script_cve_id(
        "CVE-2011-2366",
        "CVE-2011-2367",
        "CVE-2011-2368",
        "CVE-2011-2369",
        "CVE-2011-2370",
        "CVE-2011-2371",
        "CVE-2011-2373",
        "CVE-2011-2374",
        "CVE-2011-2375",
        "CVE-2011-2377",
        "CVE-2011-2598" 
      );
      script_bugtraq_id(
        48319, 
        48361,
        48365,
        48365,
        48369,
        48371,
        48372,
        48373,
        48375,
        48379,
        48380
      );
      script_xref(name:"Secunia", value:"44982");
    
      script_name(english:"Firefox < 5.0 Multiple Vulnerabilities (Mac OS X)");
      script_summary(english:"Checks version of Firefox");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote Mac OS X host contains a web browser that is affected by
    multiple vulnerabilities.");
      script_set_attribute(attribute:"description", value:
    "The installed version of Firefox is earlier than 5.0 and thus, is 
    potentially affected by the following security issues :
    
      - Multiple memory safety issues can lead to application 
        crashes and possibly remote code execution.
        (CVE-2011-2374, CVE-2011-2375)
    
      - A use-after-free issue when viewing XUL documents with 
        scripts disabled could lead to code execution.
        (CVE-2011-2373)
    
      - A memory corruption issue due to multipart /
        x-mixed-replace images could lead to memory corruption.
        (CVE-2011-2377)
    
      - When a JavaScript Array object has its length set to an
        extremely large value, the iteration of array elements
        that occurs when its reduceRight method is called could
        result in code execution due to an invalid index value
        being used. (CVE-2011-2371)
    
      - It is possible for an image from a different domain to
        be loaded into a WebGL texture which could be used to 
        steal image data from a different site. (CVE-2011-2366,
        CVE-2011-2598)
    
      - An out-of-bounds read issue and an invalid write issue
        could cause the application to crash. (CVE-2011-2367,
        CVE-2011-2368)
    
      - HTML-encoded entities are improperly decoded when
        displayed inside SVG elements which could lead to 
        cross-site scripting attacks. (CVE-2011-2369)
    
      - It is possible for a non-whitelisted site to trigger an
        install dialog for add-ons and themes. (CVE-2011-2370)");
    
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?9382419d");
      script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2011-19/");
      script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2011-20/");
      script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2011-21/");
      script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2011-22/");
      script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2011-25/");
      script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2011-26/");
      script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2011-27/");
      script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2011-28/");
      script_set_attribute(attribute:"solution", value:"Upgrade to Firefox 5.0 or later.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Mozilla Firefox Array.reduceRight() Integer Overflow');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2011/06/21");
      script_set_attribute(attribute:"patch_publication_date", value:"2011/06/21");
      script_set_attribute(attribute:"plugin_publication_date", value:"2011/06/24");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:mozilla:firefox");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"MacOS X Local Security Checks");
    
      script_copyright(english:"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.");
    
      script_dependencies("macosx_firefox_installed.nasl");
      script_require_keys("MacOSX/Firefox/Installed");
    
      exit(0);
    }
    
    include("mozilla_version.inc");
    kb_base = "MacOSX/Firefox";
    get_kb_item_or_exit(kb_base+"/Installed");
    
    version = get_kb_item_or_exit(kb_base+"/Version", exit_code:1);
    path = get_kb_item_or_exit(kb_base+"/Path", exit_code:1);
    
    mozilla_check_version(product:'firefox', version:version, path:path, esr:FALSE, fix:'5.0', skippat:'^3\\.6\\.', severity:SECURITY_HOLE);
    
  • NASL familyWindows
    NASL idMOZILLA_FIREFOX_50.NASL
    descriptionThe installed version of Firefox 4 is potentially affected by the following security issues : - Multiple memory safety issues can lead to application crashes and possibly remote code execution. (CVE-2011-2374, CVE-2011-2375) - A use-after-free issue when viewing XUL documents with scripts disabled could lead to code execution. (CVE-2011-2373) - A memory corruption issue due to multipart / x-mixed-replace images could lead to memory corruption. (CVE-2011-2377) - When a JavaScript Array object has its length set to an extremely large value, the iteration of array elements that occurs when its reduceRight method is called could result in code execution due to an invalid index value being used. (CVE-2011-2371) - It is possible for an image from a different domain to be loaded into a WebGL texture which could be used to steal image data from a different site. (CVE-2011-2366, CVE-2011-2598) - An out-of-bounds read issue and an invalid write issue could cause the application to crash. (CVE-2011-2367, CVE-2011-2368) - HTML-encoded entities are improperly decoded when displayed inside SVG elements which could lead to cross-site scripting attacks. (CVE-2011-2369) - It is possible for a non-whitelisted site to trigger an install dialog for add-ons and themes. (CVE-2011-2370)
    last seen2020-06-01
    modified2020-06-02
    plugin id55288
    published2011-06-21
    reporterThis script is Copyright (C) 2011-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/55288
    titleFirefox 4 Multiple Vulnerabilities
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(55288);
      script_version("1.18");
      script_cvs_date("Date: 2018/07/16 14:09:14");
    
      script_cve_id(
        "CVE-2011-2366",
        "CVE-2011-2367",
        "CVE-2011-2368",
        "CVE-2011-2369",
        "CVE-2011-2370",
        "CVE-2011-2371",
        "CVE-2011-2373",
        "CVE-2011-2374",
        "CVE-2011-2375",
        "CVE-2011-2377",
        "CVE-2011-2598"
      );
      script_bugtraq_id(
        48319, 
        48361,
        48365,
        48365,
        48369,
        48371,
        48372,
        48373,
        48375,
        48379,
        48380
      );
      script_xref(name:"EDB-ID", value:"17974");
      script_xref(name:"EDB-ID", value:"17976");
      script_xref(name:"EDB-ID", value:"18531");
      script_xref(name:"Secunia", value:"44982");
    
      script_name(english:"Firefox 4 Multiple Vulnerabilities");
      script_summary(english:"Checks version of Firefox");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote Windows host contains a web browser that is affected by
    multiple vulnerabilities.");
      script_set_attribute(attribute:"description", value:
    "The installed version of Firefox 4 is potentially affected by the
    following security issues :
    
      - Multiple memory safety issues can lead to application 
        crashes and possibly remote code execution.
        (CVE-2011-2374, CVE-2011-2375)
    
      - A use-after-free issue when viewing XUL documents with 
        scripts disabled could lead to code execution.
        (CVE-2011-2373)
    
      - A memory corruption issue due to multipart /
        x-mixed-replace images could lead to memory corruption.
        (CVE-2011-2377)
    
      - When a JavaScript Array object has its length set to an
        extremely large value, the iteration of array elements
        that occurs when its reduceRight method is called could
        result in code execution due to an invalid index value
        being used. (CVE-2011-2371)
    
      - It is possible for an image from a different domain to
        be loaded into a WebGL texture which could be used to 
        steal image data from a different site. (CVE-2011-2366,
        CVE-2011-2598)
    
      - An out-of-bounds read issue and an invalid write issue
        could cause the application to crash. (CVE-2011-2367,
        CVE-2011-2368)
    
      - HTML-encoded entities are improperly decoded when
        displayed inside SVG elements which could lead to 
        cross-site scripting attacks. (CVE-2011-2369)
    
      - It is possible for a non-whitelisted site to trigger an
        install dialog for add-ons and themes. (CVE-2011-2370)");
    
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?9382419d");
      script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2011-19/");
      script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2011-20/");
      script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2011-21/");
      script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2011-22/");
      script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2011-25/");
      script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2011-26/");
      script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2011-27/");
      script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2011-28/");
      script_set_attribute(attribute:"solution", value:"Upgrade to Firefox 5.0 or later.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Mozilla Firefox Array.reduceRight() Integer Overflow');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2011/06/21");
      script_set_attribute(attribute:"patch_publication_date", value:"2011/06/21");
      script_set_attribute(attribute:"plugin_publication_date", value:"2011/06/21");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:mozilla:firefox");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Windows");
    
      script_copyright(english:"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.");
      script_dependencies("mozilla_org_installed.nasl");
      script_require_keys("Mozilla/Firefox/Version");
      exit(0);
    }
    
    include("mozilla_version.inc");
    port = get_kb_item_or_exit("SMB/transport"); 
    
    installs = get_kb_list("SMB/Mozilla/Firefox/*");
    if (isnull(installs)) audit(AUDIT_NOT_INST, "Firefox");
    
    mozilla_check_version(installs:installs, product:'firefox', esr:FALSE, fix:'5.0', skippat:'^3\\.6\\.', severity:SECURITY_HOLE);

Oval

accepted2014-10-06T04:01:19.480-04:00
classvulnerability
contributors
  • nameAharon Chernin
    organizationDTCC
  • nameSergey Artykhov
    organizationALTX-SOFT
  • nameSergey Artykhov
    organizationALTX-SOFT
  • nameEvgeniy Pavlov
    organizationALTX-SOFT
  • nameEvgeniy Pavlov
    organizationALTX-SOFT
  • nameEvgeniy Pavlov
    organizationALTX-SOFT
definition_extensions
commentMozilla Firefox Mainline release is installed
ovaloval:org.mitre.oval:def:22259
descriptionThe WebGL implementation in Mozilla Firefox 4.x allows remote attackers to obtain screenshots of the windows of arbitrary desktop applications via vectors involving an SVG filter, an IFRAME element, and uninitialized data in graphics memory.
familywindows
idoval:org.mitre.oval:def:14207
statusaccepted
submitted2011-11-25T18:18:44.000-05:00
titleThe WebGL implementation in Mozilla Firefox 4.x allows remote attackers to obtain screenshots of the windows of arbitrary desktop applications via vectors involving an SVG filter, an IFRAME element, and uninitialized data in graphics memory.
version26