Linux.com

Hole in Fixefox 4 WebGL

I just read that firefox 4 has a hole in its WebGL application that allows screen shots of what a browser just displayed. This means all information on the page, password, names, etc.

This is an article that was post on the homepage of linux.com titled,"Hole Found in Firefox 4 WebGL Implementation". Here is a sample paragraph of the article.

"This approach allows an attacker to create and save screenshots of what the browser has displayed. This includes all data, not just WebGL content. In their proof of concept, the researchers manage to extract "snapshots" of the graphics card's memory that was previously used to display web pages. The vulnerability is specific to the WebGL implementation in Firefox 4 and does not occur in Google Chrome."

http://www.h-online.com/security/news/item/Hole-found-in-Firefox-4-WebGL-implementation-1262177.html

The security hole is fixed in firefox 5. Users of firefox 4 can disable WebGL or upgrade to the beta version of firefox 5. To do this, type: about:config in your firefox url box, scroll to line named WebGL.disabled. Select it, right click and choose toggle to change it to "true".

 

Comments

Subscribe to Comments Feed

Upcoming Linux Foundation Courses

  1. LFS426 Linux Performance Tuning
    08 Sep » 11 Sep - New York
    Details
  2. LFS520 OpenStack Cloud Architecture and Deployment
    08 Sep » 11 Sep - Virtual
    Details
  3. LFD320 Linux Kernel Internals and Debugging
    15 Sep » 19 Sep - Virtual
    Details

View All Upcoming Courses


Who we are ?

The Linux Foundation is a non-profit consortium dedicated to the growth of Linux.

More About the foundation...

Frequent Questions

Join / Linux Training / Board