Mozilla Foundation Security Advisory 2011-17

Mozilla Foundation Security Advisory 2011-17

Title: WebGLES vulnerabilities
Impact: Critical
Announced: April 28, 2011
Products: Firefox

Fixed in: Firefox 4.0.1
Description

Two crashes that could potentially be exploited to run malicious code were found in the WebGL feature and fixed in Firefox 4.0.1. In addition the WebGLES libraries could potentially be used to bypass a security feature of recent Windows versions. The WebGL feature was introduced in Firefox 4; older versions are not affected by these issues.

Nils reported that the WebGLES libraries in the Windows version of Firefox were compiled without ASLR protection. An attacker who found an exploitable memory corruption flaw could then use these libraries to bypass ASLR on Windows Vista and Windows 7, making the flaw as exploitable on those platforms as it would be on Windows XP or other platforms.

https://bugzilla.mozilla.org/show_bug.cgi?id=641630

Mozilla researcher Christoph Diehl reported a potentially exploitable buffer overflow in the WebGLES library

https://bugzilla.mozilla.org/show_bug.cgi?id=623791
CVE-2011-0068

Yuri Ko reported a potentially exploitable overwrite in the WebGLES library to the Chrome Secuity Team. We thank them for coordinating with us on this fix.

https://bugzilla.mozilla.org/show_bug.cgi?id=623791
Chromium bug 78524