Back to search
CVE-2011-1300
Published: Apr 15, 2011
Modified: Aug 6, 2024
PUBLISHED
Description
The Program::getActiveUniformMaxLength function in libGLESv2/Program.cpp in libGLESv2.dll in the WebGLES library in Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox 4.x before 4.0.1 on Windows and in the GPU process in Google Chrome before 10.0.648.205 on Windows, allows remote attackers to execute arbitrary code via unspecified vectors, related to an "off-by-three" error.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
ADV-2011-1006
vdb-entry
x_refsource_VUPEN
http://code.google.com/p/angleproject/source/detail?r=611
x_refsource_CONFIRM
1025377
vdb-entry
x_refsource_SECTRACK
http://code.google.com/p/chromium/issues/detail?id=70070
x_refsource_CONFIRM
44141
third-party-advisory
x_refsource_SECUNIA
47377
vdb-entry
x_refsource_BID
https://bugzilla.mozilla.org/show_bug.cgi?id=623791
x_refsource_CONFIRM
chrome-gpu-dos(66766)
vdb-entry
x_refsource_XF
http://www.mozilla.org/security/announce/2011/mfsa2011-17.html
x_refsource_CONFIRM
http://googlechromereleases.blogspot.com/2011/04/stable-channel-update.html
x_refsource_CONFIRM
oval:org.mitre.oval:def:14466
vdb-entry
signature
x_refsource_OVAL
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now