The Program::getActiveUniformMaxLength function in libGLESv2/Program.cpp in libGLESv2.dll in the WebGLES library in Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox 4.x prior to 4.0.1 on Windows and in the GPU process in Google Chrome prior to 10.0.648.205 on Windows, allows remote malicious users to execute arbitrary code via unspecified vectors, related to an "off-by-three" error.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox 4.0 |
||
google chrome |