Same Origin Policy Bypass in Mozilla Firefox and Thunderbird on Mac OS X with Intel Integrated GPUs

Same Origin Policy Bypass in Mozilla Firefox and Thunderbird on Mac OS X with Intel Integrated GPUs

CVE-2011-3653 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Mozilla Firefox before 8.0 and Thunderbird before 8.0 on Mac OS X do not properly interact with the GPU memory behavior of a certain driver for Intel integrated GPUs, which allows remote attackers to bypass the Same Origin Policy and read image data via vectors related to WebGL textures.

Learn more about our Web App Pen Testing.