The (1) WebGL.compressedTexImage2D and (2) WebGL.compressedTexSubImage2D functions in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to bypass the Same Origin Policy and render content in a different domain via unspecified vectors.
The product does not properly verify that the source of data or communication is valid.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Opensuse | Opensuse_project | 12.3 | 12.3 |
Opensuse | Opensuse_project | 11.4 | 11.4 |
Opensuse | Opensuse | 13.1 | 13.1 |