The WebGL implementation in Mozilla Firefox 4.x through 4.0.1 does not properly restrict write operations, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Firefox | Mozilla | 4.0 (including) | 4.0 (including) |
Firefox | Mozilla | 4.0-beta1 (including) | 4.0-beta1 (including) |
Firefox | Mozilla | 4.0-beta10 (including) | 4.0-beta10 (including) |
Firefox | Mozilla | 4.0-beta11 (including) | 4.0-beta11 (including) |
Firefox | Mozilla | 4.0-beta12 (including) | 4.0-beta12 (including) |
Firefox | Mozilla | 4.0-beta2 (including) | 4.0-beta2 (including) |
Firefox | Mozilla | 4.0-beta3 (including) | 4.0-beta3 (including) |
Firefox | Mozilla | 4.0-beta4 (including) | 4.0-beta4 (including) |
Firefox | Mozilla | 4.0-beta5 (including) | 4.0-beta5 (including) |
Firefox | Mozilla | 4.0-beta6 (including) | 4.0-beta6 (including) |
Firefox | Mozilla | 4.0-beta7 (including) | 4.0-beta7 (including) |
Firefox | Mozilla | 4.0-beta8 (including) | 4.0-beta8 (including) |
Firefox | Mozilla | 4.0-beta9 (including) | 4.0-beta9 (including) |
Firefox | Mozilla | 4.0.1 (including) | 4.0.1 (including) |
Firefox | Ubuntu | hardy | * |
Firefox | Ubuntu | natty | * |
Firefox | Ubuntu | upstream | * |
Firefox-3.0 | Ubuntu | hardy | * |
Seamonkey | Ubuntu | hardy | * |
Seamonkey | Ubuntu | upstream | * |
Thunderbird | Ubuntu | hardy | * |
Xulrunner-1.9.2 | Ubuntu | hardy | * |
Xulrunner-2.0 | Ubuntu | natty | * |
Xulrunner-2.0 | Ubuntu | upstream | * |