10

CVE-2011-1300

EPSS 5.56%
Published 15.04.2011 19:55:00
Last modified 11.04.2025 00:51:21
Source cve@mitre.org
Teams watchlist Login
Open Login

The Program::getActiveUniformMaxLength function in libGLESv2/Program.cpp in libGLESv2.dll in the WebGLES library in Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox 4.x before 4.0.1 on Windows and in the GPU process in Google Chrome before 10.0.648.205 on Windows, allows remote attackers to execute arbitrary code via unspecified vectors, related to an "off-by-three" error.

Affected products Warnungen 0 Metrics 2 CWE 0 References 14

Data is provided by the National Vulnerability Database (NVD)

Mozilla ≫ Firefox Version4.0

Microsoft ≫ Windows Version-

Mozilla ≫ Firefox Version4.0 Updatebeta1

Microsoft ≫ Windows Version-

Mozilla ≫ Firefox Version4.0 Updatebeta10

Microsoft ≫ Windows Version-

Mozilla ≫ Firefox Version4.0 Updatebeta11

Microsoft ≫ Windows Version-

Mozilla ≫ Firefox Version4.0 Updatebeta12

Microsoft ≫ Windows Version-

Mozilla ≫ Firefox Version4.0 Updatebeta2

Microsoft ≫ Windows Version-

Mozilla ≫ Firefox Version4.0 Updatebeta3

Microsoft ≫ Windows Version-

Mozilla ≫ Firefox Version4.0 Updatebeta4

Microsoft ≫ Windows Version-

Mozilla ≫ Firefox Version4.0 Updatebeta5

Microsoft ≫ Windows Version-

Mozilla ≫ Firefox Version4.0 Updatebeta6

Microsoft ≫ Windows Version-

Mozilla ≫ Firefox Version4.0 Updatebeta7

Microsoft ≫ Windows Version-

Mozilla ≫ Firefox Version4.0 Updatebeta8

Microsoft ≫ Windows Version-

Mozilla ≫ Firefox Version4.0 Updatebeta9

Microsoft ≫ Windows Version-

Google ≫ Chrome Version < 10.0.648.205

Microsoft ≫ Windows Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	5.56%	0.899

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C

http://googlechromereleases.blogspot.com/2011/04/stable-channel-update.html

Vendor Advisory

http://secunia.com/advisories/44141

Vendor Advisory

http://code.google.com/p/angleproject/source/detail?r=611

Vendor Advisory

http://code.google.com/p/chromium/issues/detail?id=70070

Vendor Advisory

http://www.mozilla.org/security/announce/2011/mfsa2011-17.html

Vendor Advisory

http://www.securityfocus.com/bid/47377

Third Party Advisory

VDB Entry

http://www.securitytracker.com/id?1025377

Third Party Advisory

VDB Entry

http://www.vupen.com/english/advisories/2011/1006

Vendor Advisory

https://bugzilla.mozilla.org/show_bug.cgi?id=623791

Vendor Advisory

Issue Tracking

https://exchange.xforce.ibmcloud.com/vulnerabilities/66766

Third Party Advisory

VDB Entry

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14466

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2011-1300

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2011-1300

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2011-1300

EUVD