Hole in Fixefox 4 WebGL

I just read that firefox 4 has a hole in its WebGL application that allows screen shots of what a browser just displayed. This means all information on the page, password, names, etc.

This is an article that was post on the homepage of titled,"Hole Found in Firefox 4 WebGL Implementation". Here is a sample paragraph of the article.

"This approach allows an attacker to create and save screenshots of what the browser has displayed. This includes all data, not just WebGL content. In their proof of concept, the researchers manage to extract "snapshots" of the graphics card's memory that was previously used to display web pages. The vulnerability is specific to the WebGL implementation in Firefox 4 and does not occur in Google Chrome."

The security hole is fixed in firefox 5. Users of firefox 4 can disable WebGL or upgrade to the beta version of firefox 5. To do this, type: about:config in your firefox url box, scroll to line named WebGL.disabled. Select it, right click and choose toggle to change it to "true".



Subscribe to Comments Feed

Upcoming Linux Foundation Courses

  1. LFS201 Essentials of System Administration
    12 Jan » 30 Mar - Online Self-Paced
  2. LFD411 Embedded Linux Development
    30 Mar » 03 Apr - Chelmsford - MA
  3. LFS540 Linux KVM Virtualization
    06 Apr » 09 Apr - Austin - TX + Virtual

View All Upcoming Courses

Who we are ?

The Linux Foundation is a non-profit consortium dedicated to the growth of Linux.

More About the foundation...

Frequent Questions

Join / Linux Training / Board