CVE-2011-2598

Firefox 4.x - Unauthorized Sensitive Information Exposure via WebGL and SVG Filter

Title source: llm
STIX 2.1

Description

The WebGL implementation in Mozilla Firefox 4.x allows remote attackers to obtain screenshots of the windows of arbitrary desktop applications via vectors involving an SVG filter, an IFRAME element, and uninitialized data in graphics memory.

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/48319
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14207

Scores

EPSS 0.0130
EPSS Percentile 67.0%

Details

CWE
CWE-200
Status published
Products (2)
mozilla/firefox 4.0 (13 CPE variants)
mozilla/firefox 4.0.1
Published Jun 30, 2011
Tracked Since Feb 18, 2026