CVE-2011-2988
CVE-2011-2988
Buffer overflow in an unspecified string class in the WebGL shader implementation in Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long source-code block for a shader.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00023.htmlhttps://bugzilla.mozilla.org/show_bug.cgi?id=665936http://secunia.com/advisories/49055https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14270http://www.mozilla.org/security/announce/2011/mfsa2011-29.htmlhttp://www.mozilla.org/security/announce/2011/mfsa2011-31.htmlhttp://www.mozilla.org/security/announce/2011/mfsa2011-33.htmlhttp://www.securityfocus.com/bid/49242