{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-06-16T00:00:00", "descriptions": [{"lang": "en", "value": "The WebGL implementation in Mozilla Firefox 4.x allows remote attackers to obtain screenshots of the windows of arbitrary desktop applications via vectors involving an SVG filter, an IFRAME element, and uninitialized data in graphics memory."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-09-18T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://blog.mozilla.com/security/2011/06/16/webgl-graphics-memory-stealing-issue/"}, {"name": "48319", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/48319"}, {"name": "oval:org.mitre.oval:def:14207", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14207"}, {"tags": ["x_refsource_MISC"], "url": "http://www.contextis.com/resources/blog/webgl2/"}, {"tags": ["x_refsource_MISC"], "url": "http://www.theregister.co.uk/2011/06/16/webgl_security_threats_redux/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2011-2598", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The WebGL implementation in Mozilla Firefox 4.x allows remote attackers to obtain screenshots of the windows of arbitrary desktop applications via vectors involving an SVG filter, an IFRAME element, and uninitialized data in graphics memory."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://blog.mozilla.com/security/2011/06/16/webgl-graphics-memory-stealing-issue/", "refsource": "CONFIRM", "url": "http://blog.mozilla.com/security/2011/06/16/webgl-graphics-memory-stealing-issue/"}, {"name": "48319", "refsource": "BID", "url": "http://www.securityfocus.com/bid/48319"}, {"name": "oval:org.mitre.oval:def:14207", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14207"}, {"name": "http://www.contextis.com/resources/blog/webgl2/", "refsource": "MISC", "url": "http://www.contextis.com/resources/blog/webgl2/"}, {"name": "http://www.theregister.co.uk/2011/06/16/webgl_security_threats_redux/", "refsource": "MISC", "url": "http://www.theregister.co.uk/2011/06/16/webgl_security_threats_redux/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T23:08:23.239Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://blog.mozilla.com/security/2011/06/16/webgl-graphics-memory-stealing-issue/"}, {"name": "48319", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/48319"}, {"name": "oval:org.mitre.oval:def:14207", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14207"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.contextis.com/resources/blog/webgl2/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.theregister.co.uk/2011/06/16/webgl_security_threats_redux/"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2011-2598", "datePublished": "2011-06-30T15:26:00", "dateReserved": "2011-06-30T00:00:00", "dateUpdated": "2024-08-06T23:08:23.239Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "C69962C4-FA56-47F2-82A4-DFF4C19DAF3A", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "B7BC1684-3634-4585-B7E6-8C8777E1DA0D", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta10:*:*:*:*:*:*", "matchCriteriaId": "A490D040-EF74-45C2-89ED-D88ADD222712", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta11:*:*:*:*:*:*", "matchCriteriaId": "6CDA17D1-CD93-401E-860C-7C3291FEEB7E", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta12:*:*:*:*:*:*", "matchCriteriaId": "6F72FDE3-54E0-48E4-9015-1B8A36DB1EC3", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "4062C901-3828-415B-A6C3-EDD0E7B20C0E", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta3:*:*:*:*:*:*", "matchCriteriaId": "CC0D8730-7034-4AD6-9B05-F8BAFB0145EF", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta4:*:*:*:*:*:*", "matchCriteriaId": "857AFB05-F0C1-4061-9680-9561D68C908F", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta5:*:*:*:*:*:*", "matchCriteriaId": "EC37EBAF-C979-4ACC-ACA9-BDC2AECCB0D7", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta6:*:*:*:*:*:*", "matchCriteriaId": "80801CD8-EEAF-4BC4-9085-DCCC6CF73076", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta7:*:*:*:*:*:*", "matchCriteriaId": "FAF4C78A-5093-4871-AF69-A8E8FD7E1AAE", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta8:*:*:*:*:*:*", "matchCriteriaId": "560AD4C7-89D2-4323-BBCC-A89EEB6832CB", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta9:*:*:*:*:*:*", "matchCriteriaId": "6B389CBC-4F6C-4C17-A87B-A6DD92703A10", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "DDFBA043-91BC-4FB5-A34D-FCE1A9C65A88", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The WebGL implementation in Mozilla Firefox 4.x allows remote attackers to obtain screenshots of the windows of arbitrary desktop applications via vectors involving an SVG filter, an IFRAME element, and uninitialized data in graphics memory."}, {"lang": "es", "value": "La implementaci\u00f3n de WebGL en Mozilla Firefox v4.x permite a atacantes remotos obtener im\u00e1genes de las ventanas de las aplicaciones de escritorio de su elecci\u00f3n a trav\u00e9s de vectores que implican un filtro SVG, un elemento IFRAME, y los datos sin inicializar en la memoria de gr\u00e1ficos."}], "id": "CVE-2011-2598", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2011-06-30T15:55:04.473", "references": [{"source": "cve@mitre.org", "url": "http://blog.mozilla.com/security/2011/06/16/webgl-graphics-memory-stealing-issue/"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.contextis.com/resources/blog/webgl2/"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/48319"}, {"source": "cve@mitre.org", "url": "http://www.theregister.co.uk/2011/06/16/webgl_security_threats_redux/"}, {"source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14207"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://blog.mozilla.com/security/2011/06/16/webgl-graphics-memory-stealing-issue/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.contextis.com/resources/blog/webgl2/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/48319"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.theregister.co.uk/2011/06/16/webgl_security_threats_redux/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14207"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}