Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2011-1300

Date: April 15, 2011

The Program::getActiveUniformMaxLength function in libGLESv2/Program.cpp in libGLESv2.dll in the WebGLES library in Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox 4.x before 4.0.1 on Windows and in the GPU process in Google Chrome before 10.0.648.205 on Windows, allows remote attackers to execute arbitrary code via unspecified vectors, related to an "off-by-three" error.

Severity Score

Related Resources (14)

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14466
http://www.securityfocus.com/bid/47377
https://exchange.xforce.ibmcloud.com/vulnerabilities/66766
http://code.google.com/p/chromium/issues/detail?id=70070
http://www.mozilla.org/security/announce/2011/mfsa2011-17.html
https://bugzilla.mozilla.org/show_bug.cgi?id=623791
http://www.vupen.com/english/advisories/2011/1006
http://secunia.com/advisories/44141
http://code.google.com/p/angleproject/source/detail?r=611
https://nvd.nist.gov/vuln/detail/CVE-2011-1300
https://people.canonical.com/~ubuntu-security/cve/CVE-2011-1300
http://www.securitytracker.com/id?1025377
http://googlechromereleases.blogspot.com/2011/04/stable-channel-update.html
https://www.mend.io/vulnerability-database/CVE-2011-1300

Severity Score

Weakness Type (CWE)

Numeric Errors

CWE-189

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): HIGH
Integrity (I): HIGH
Availability (A): HIGH

CVSS v2

Base Score:
Access Vector (AV): NETWORK
Access Complexity (AC): LOW
Authentication (AU): NONE
Confidentiality (C): COMPLETE
Integrity (I): COMPLETE
Availability (A): COMPLETE
Additional information:

Do you need more information?

Contact Us