Vulnerability Details : CVE-2011-1300
The Program::getActiveUniformMaxLength function in libGLESv2/Program.cpp in libGLESv2.dll in the WebGLES library in Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox 4.x before 4.0.1 on Windows and in the GPU process in Google Chrome before 10.0.648.205 on Windows, allows remote attackers to execute arbitrary code via unspecified vectors, related to an "off-by-three" error.
Vulnerability category: Execute code
Products affected by CVE-2011-1300
- cpe:2.3:a:mozilla:firefox:4.0:beta5:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:4.0:beta3:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:4.0:beta4:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:4.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:4.0:beta7:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:4.0:beta8:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:4.0:beta9:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:4.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:4.0:beta10:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:4.0:beta11:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:4.0:beta6:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:4.0:beta12:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2011-1300
2.71%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 89 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2011-1300
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
CWE ids for CVE-2011-1300
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2011-1300
-
http://www.vupen.com/english/advisories/2011/1006
Webmail | OVH- OVHVendor Advisory
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14466
Repository / Oval RepositoryThird Party Advisory
-
http://code.google.com/p/chromium/issues/detail?id=70070
70070 - WebGL crashes depending on uniform names - chromium - MonorailVendor Advisory
-
http://www.securitytracker.com/id?1025377
Google Chrome Heap Overflow and Memory Errors Let Remote Users Execute Arbitrary Code - SecurityTrackerThird Party Advisory;VDB Entry
-
http://www.mozilla.org/security/announce/2011/mfsa2011-17.html
WebGLES vulnerabilities — MozillaVendor Advisory
-
http://www.securityfocus.com/bid/47377
Google Chrome Prior to 10.0.648.205 Multiple Security VulnerabilitiesThird Party Advisory;VDB Entry
-
http://code.google.com/p/angleproject/source/detail?r=611
angle/angle - Git at GoogleVendor Advisory
-
http://googlechromereleases.blogspot.com/2011/04/stable-channel-update.html
Chrome Releases: Stable Channel UpdateVendor Advisory
-
https://bugzilla.mozilla.org/show_bug.cgi?id=623791
623791 - (CVE-2011-1302) [ANGLE] WebGLES shader assertion failed: (oldhashloc >= 0), function IncreaseHashTableSizeIssue Tracking;Vendor Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/66766
Google Chrome GPU process denial of service CVE-2011-1300 Vulnerability ReportThird Party Advisory;VDB Entry
Jump to