CVE-2011-2599

Google Chrome 11 - Exposure of Sensitive Information via WebGL Timing Attack

Title source: llm
STIX 2.1

Description

Google Chrome 11 does not block use of a cross-domain image as a WebGL texture, which allows remote attackers to obtain approximate copies of arbitrary images via a timing attack involving a crafted WebGL fragment shader.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14183

Scores

EPSS 0.0080
EPSS Percentile 52.4%

Details

CWE
CWE-200
Status published
Products (1)
google/chrome 11
Published Jun 30, 2011
Tracked Since Feb 18, 2026