CVE-2011-3653Sensitive Information Exposure in Mozilla Firefox

CWE-200Sensitive Information Exposure2 documents2 sources
Severity
5.0MEDIUMNVD
EPSS
0.2%
top 53.69%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Mozilla FirefoxMozilla Thunderbird
Timeline
PublishedNov 9
Latest updateMay 17

Description

Mozilla Firefox before 8.0 and Thunderbird before 8.0 on Mac OS X do not properly interact with the GPU memory behavior of a certain driver for Intel integrated GPUs, which allows remote attackers to bypass the Same Origin Policy and read image data via vectors related to WebGL textures.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

NVDmozilla/firefox7.0.1+109
NVDmozilla/thunderbird7.0.1+94

🔴Vulnerability Details

1
GHSA
GHSA-58gm-6m3r-xgx9: Mozilla Firefox before 82022-05-17