2.6

CVE-2013-1729

The WebGL implementation in Mozilla Firefox before 24.0, when NVIDIA graphics drivers are used on Mac OS X, allows remote attackers to obtain desktop-screenshot data by reading from a CANVAS element.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MozillaFirefox Version <= 23.0.1
   ApplemacOS X
MozillaFirefox Version19.0
   ApplemacOS X
MozillaFirefox Version19.0.1
   ApplemacOS X
MozillaFirefox Version19.0.2
   ApplemacOS X
MozillaFirefox Version20.0
   ApplemacOS X
MozillaFirefox Version20.0.1
   ApplemacOS X
MozillaFirefox Version21.0
   ApplemacOS X
MozillaFirefox Version22.0
   ApplemacOS X
MozillaFirefox Version23.0
   ApplemacOS X
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.23% 0.651
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 2.6 4.9 2.9
AV:N/AC:H/Au:N/C:P/I:N/A:N
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

http://lists.fedoraproject.org/pipermail/package-announce/2013-September/115907.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-September/116610.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-September/117526.html
http://www.mozilla.org/security/announce/2013/mfsa2013-86.html
Vendor Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=879656