Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2011-2366

EPSS 0.61% · P70
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2011-2366

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Mozilla Gecko before 5.0, as used in Firefox before 5.0 and Thunderbird before 5.0, does not block use of a cross-domain image as a WebGL texture, which allows remote attackers to obtain approximate copies of arbitrary images via a timing attack involving a crafted WebGL fragment shader.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Mozilla Firefox Gecko WebGL越界读取信息泄露漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Gecko是由Mozilla基金会开发的布局引擎的名字。它原本叫作 NGLayout。Gecko的作用是读取诸如HTML、CSS、XUL和JavaScript等的网页内容,并呈现到 用户屏幕或打印出来。 在Mozilla Firefox 5.0之前版本和Thunderbird 5.0之前版本中使用的Mozilla Gecko 5.0之前版本不能限制跨域图像作为WebGL结构的使用。该漏洞源于WebGL代码中的越界读取和无效写入,远程攻击者可借助涉及特制WebGL碎片着色程序的定时攻击获取近似任意图像的副本
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2011-2366

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2011-2366

Please Login to view more intelligence information

Same Patch Batch · n/a · 2011-06-30 · 33 CVEs total

CVE-2011-2605Mozilla Firefox和Thunderbird CRLF注入漏洞
CVE-2011-2604Intel G41驱动程序拒绝服务漏洞
CVE-2011-2603NVIDIA 9400M驱动程序拒绝服务漏洞
CVE-2011-2602NVIDIA Geforce 310驱动程序拒绝服务漏洞
CVE-2011-2601Apple Mac OS X GPU支持功能权限许可和访问控制漏洞
CVE-2011-2600Microsoft Windows XP GPU支持功能权限许可和访问控制漏洞
CVE-2011-2599Google Chrome信息泄露漏洞
CVE-2011-2598Mozilla Firefox WebGL实现信息泄露漏洞
CVE-2011-2197Ruby on Rails跨站脚本攻击漏洞
CVE-2009-5082GNU troff后置链接漏洞
CVE-2009-5081GNU troff后置链接漏洞
CVE-2009-5080GNU troff后置链接漏洞
CVE-2009-5079GNU troff后置链接漏洞
CVE-2009-5078GNU troff contrib/pdfmark/pdfroff.sh设计错误漏洞
CVE-2011-2607IBM Rational Team Concert跨站脚本攻击漏洞
CVE-2011-2606IBM Rational Team Concert Web UI跨站脚本攻击漏洞
CVE-2011-0083Mozilla Firefox/Thunderbird/SeaMonkey SVG解析释放后使用漏洞
CVE-2011-2377Mozilla Firefox/Thunderbird/SeaMonkey远程内存破坏漏洞
CVE-2011-2376Mozilla Firefox和Thunderbird浏览器引擎内存破坏漏洞
CVE-2011-2375Mozilla Firefox和Thunderbird内存破坏漏洞

Showing top 20 of 33 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2011-2366

No comments yet

Leave a comment