CVE-2012-2819 Information
Description
The texSubImage2D implementation in the WebGL subsystem in Google Chrome before 20.0.1132.43 does not properly handle uploads to floating-point textures which allows remote attackers to cause a denial of service (assertion failure and application crash) or possibly have unspecified other impact via a crafted web page as demonstrated by certain WebGL performance tests aka rdar problem 11520387.
Reference
http://code.google.com/p/chromium/issues/detail?id=120977 http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html http://trac.webkit.org/changeset/117191 http://trac.webkit.org/changeset/118410 https://bugs.webkit.org/show_bug.cgi?id=85942 https://chromiumcodereview.appspot.com/10444013 https://hermes.opensuse.org/messages/15075728 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A14938
Share on: