Linux.com

Hole in Fixefox 4 WebGL

I just read that firefox 4 has a hole in its WebGL application that allows screen shots of what a browser just displayed. This means all information on the page, password, names, etc.

This is an article that was post on the homepage of linux.com titled,"Hole Found in Firefox 4 WebGL Implementation". Here is a sample paragraph of the article.

"This approach allows an attacker to create and save screenshots of what the browser has displayed. This includes all data, not just WebGL content. In their proof of concept, the researchers manage to extract "snapshots" of the graphics card's memory that was previously used to display web pages. The vulnerability is specific to the WebGL implementation in Firefox 4 and does not occur in Google Chrome."

http://www.h-online.com/security/news/item/Hole-found-in-Firefox-4-WebGL-implementation-1262177.html

The security hole is fixed in firefox 5. Users of firefox 4 can disable WebGL or upgrade to the beta version of firefox 5. To do this, type: about:config in your firefox url box, scroll to line named WebGL.disabled. Select it, right click and choose toggle to change it to "true".

 

Comments

Subscribe to Comments Feed

Upcoming Linux Foundation Courses

  1. LFD312 Developing Applications For Linux
    05 Jan » 09 Jan - Virtual
    Details
  2. LFS220 Linux System Administration
    05 Jan » 08 Jan - Virtual
    Details
  3. LFD331 Developing Linux Device Drivers
    12 Jan » 16 Jan - Virtual
    Details

View All Upcoming Courses


Who we are ?

The Linux Foundation is a non-profit consortium dedicated to the growth of Linux.

More About the foundation...

Frequent Questions

Join / Linux Training / Board