Vulnerability Details : CVE-2011-2600
The GPU support functionality in Windows XP does not properly restrict rendering time, which allows remote attackers to cause a denial of service (system crash) via vectors involving WebGL and (1) shader programs or (2) complex 3D geometry, as demonstrated by using Mozilla Firefox or Google Chrome to visit the lots-of-polys-example.html test page in the Khronos WebGL SDK.
Vulnerability category: Denial of service
Products affected by CVE-2011-2600
- cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2011-2600
0.21%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 59 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2011-2600
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.1
|
HIGH | AV:N/AC:M/Au:N/C:N/I:N/A:C |
8.6
|
6.9
|
NIST |
CWE ids for CVE-2011-2600
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2011-2600
-
http://www.contextis.com/resources/blog/webgl/
Page Not Found | Context Information Security UKExploit
Jump to