CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
EPSS
Percentile
69.0%
Claus Wahlers reported that random images from GPU memory were showing up in WebGL textures. Once incorporated into the WebGL graphics it is possible for a site to programatically read the image data and potentially gain sensitive data from other things that had been displayed earlier. This problem is due to a bug in the driver for Intel integrated GPUs on recent Mac OS X hardware, and the problem can be seen in WebGL implementations from other vendors. Mozilla has implemented a work-around to prevent this from happening with this hardware-driver combination.