What is the severity of CVE-2011-2366?

CVE-2011-2366 is considered a medium severity vulnerability due to its potential impact on user privacy.

How do I fix CVE-2011-2366?

To fix CVE-2011-2366, update your Mozilla Gecko-based browser or email client to version 5.0 or later.

What versions are affected by CVE-2011-2366?

CVE-2011-2366 affects all Gecko versions prior to 5.0, including Firefox and Thunderbird versions before 5.0.

What type of attack does CVE-2011-2366 enable?

CVE-2011-2366 enables remote attackers to perform timing attacks to obtain approximate copies of arbitrary images.

Is CVE-2011-2366 relevant for modern browsers?

CVE-2011-2366 is not a concern for modern browsers, as it was resolved in versions released after 5.0.

Vulnerability/
CVE-2011-2366

medium

4.3

CWE

30/6/2011

6/8/2024

CVE-2011-2366: Input Validation

First published: Thu Jun 30 2011(Updated: )

Mozilla Gecko before 5.0, as used in Firefox before 5.0 and Thunderbird before 5.0, does not block use of a cross-domain image as a WebGL texture, which allows remote attackers to obtain approximate copies of arbitrary images via a timing attack involving a crafted WebGL fragment shader.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Mozilla Gecko	<=2
Mozilla Gecko	=1.7
Mozilla Gecko	=1.8
Mozilla Gecko	=1.8.1
Mozilla Gecko	=1.9
Mozilla Gecko	=1.9.1
Mozilla Gecko	=1.9.2
Firefox	<=4.0.1
Firefox	=0.1
Firefox	=0.2
Firefox	=0.3
Firefox	=0.4
Firefox	=0.5
Firefox	=0.6
Firefox	=0.6.1
Firefox	=0.7
Firefox	=0.7.1
Firefox	=0.8
Firefox	=0.9
Firefox	=0.9-rc
Firefox	=0.9.1
Firefox	=0.9.2
Firefox	=0.9.3
Firefox	=0.10
Firefox	=0.10.1
Firefox	=1.0
Firefox	=1.0-preview_release
Firefox	=1.0.1
Firefox	=1.0.2
Firefox	=1.0.3
Firefox	=1.0.4
Firefox	=1.0.5
Firefox	=1.0.6
Firefox	=1.0.7
Firefox	=1.0.8
Firefox	=1.4.1
Firefox	=1.5
Firefox	=1.5-beta1
Firefox	=1.5-beta2
Firefox	=1.5.0.1
Firefox	=1.5.0.2
Firefox	=1.5.0.3
Firefox	=1.5.0.4
Firefox	=1.5.0.5
Firefox	=1.5.0.6
Firefox	=1.5.0.7
Firefox	=1.5.0.8
Firefox	=1.5.0.9
Firefox	=1.5.0.10
Firefox	=1.5.0.11
Firefox	=1.5.0.12
Firefox	=1.5.1
Firefox	=1.5.2
Firefox	=1.5.3
Firefox	=1.5.4
Firefox	=1.5.5
Firefox	=1.5.6
Firefox	=1.5.7
Firefox	=1.5.8
Firefox	=1.8
Firefox	=2.0
Firefox	=2.0.0.1
Firefox	=2.0.0.2
Firefox	=2.0.0.3
Firefox	=2.0.0.4
Firefox	=2.0.0.5
Firefox	=2.0.0.6
Firefox	=2.0.0.7
Firefox	=2.0.0.8
Firefox	=2.0.0.9
Firefox	=2.0.0.10
Firefox	=2.0.0.11
Firefox	=2.0.0.12
Firefox	=2.0.0.13
Firefox	=2.0.0.14
Firefox	=2.0.0.15
Firefox	=2.0.0.16
Firefox	=2.0.0.17
Firefox	=2.0.0.18
Firefox	=2.0.0.19
Firefox	=2.0.0.20
Firefox	=3.0
Firefox	=3.0.1
Firefox	=3.0.2
Firefox	=3.0.3
Firefox	=3.0.4
Firefox	=3.0.5
Firefox	=3.0.6
Firefox	=3.0.7
Firefox	=3.0.8
Firefox	=3.0.9
Firefox	=3.0.10
Firefox	=3.0.11
Firefox	=3.0.12
Firefox	=3.0.13
Firefox	=3.0.14
Firefox	=3.0.15
Firefox	=3.0.16
Firefox	=3.0.17
Firefox	=3.5
Firefox	=3.5.1
Firefox	=3.5.2
Firefox	=3.5.3
Firefox	=3.5.4
Firefox	=3.5.5
Firefox	=3.5.6
Firefox	=3.5.7
Firefox	=3.5.8
Firefox	=3.5.9
Firefox	=3.5.10
Firefox	=3.5.11
Firefox	=3.5.12
Firefox	=3.5.13
Firefox	=3.5.14
Firefox	=3.5.15
Firefox	=3.6
Firefox	=3.6.2
Firefox	=3.6.3
Firefox	=3.6.4
Firefox	=3.6.6
Firefox	=3.6.7
Firefox	=3.6.8
Firefox	=3.6.9
Firefox	=3.6.10
Firefox	=3.6.11
Firefox	=3.6.12
Firefox	=3.6.13
Firefox	=4.0
Firefox	=4.0-beta1
Firefox	=4.0-beta10
Firefox	=4.0-beta11
Firefox	=4.0-beta12
Firefox	=4.0-beta2
Firefox	=4.0-beta3
Firefox	=4.0-beta4
Firefox	=4.0-beta5
Firefox	=4.0-beta6
Firefox	=4.0-beta7
Firefox	=4.0-beta8
Firefox	=4.0-beta9
Thunderbird	<=3.1.11
Thunderbird	=0.1
Thunderbird	=0.2
Thunderbird	=0.3
Thunderbird	=0.4
Thunderbird	=0.5
Thunderbird	=0.6
Thunderbird	=0.7
Thunderbird	=0.7.1
Thunderbird	=0.7.2
Thunderbird	=0.7.3
Thunderbird	=0.8
Thunderbird	=0.9
Thunderbird	=1.0
Thunderbird	=1.0.1
Thunderbird	=1.0.2
Thunderbird	=1.0.3
Thunderbird	=1.0.4
Thunderbird	=1.0.5
Thunderbird	=1.0.6
Thunderbird	=1.0.7
Thunderbird	=1.0.8
Thunderbird	=1.5
Thunderbird	=1.5-beta2
Thunderbird	=1.5.0.1
Thunderbird	=1.5.0.2
Thunderbird	=1.5.0.3
Thunderbird	=1.5.0.4
Thunderbird	=1.5.0.5
Thunderbird	=1.5.0.6
Thunderbird	=1.5.0.7
Thunderbird	=1.5.0.8
Thunderbird	=1.5.0.9
Thunderbird	=1.5.0.10
Thunderbird	=1.5.0.11
Thunderbird	=1.5.0.12
Thunderbird	=1.5.0.13
Thunderbird	=1.5.0.14
Thunderbird	=1.5.1
Thunderbird	=1.5.2
Thunderbird	=1.7.1
Thunderbird	=1.7.3
Thunderbird	=2.0
Thunderbird	=2.0.0.0
Thunderbird	=2.0.0.1
Thunderbird	=2.0.0.2
Thunderbird	=2.0.0.3
Thunderbird	=2.0.0.4
Thunderbird	=2.0.0.5
Thunderbird	=2.0.0.6
Thunderbird	=2.0.0.7
Thunderbird	=2.0.0.8
Thunderbird	=2.0.0.9
Thunderbird	=2.0.0.12
Thunderbird	=2.0.0.14
Thunderbird	=2.0.0.16
Thunderbird	=2.0.0.17
Thunderbird	=2.0.0.18
Thunderbird	=2.0.0.19
Thunderbird	=2.0.0.21
Thunderbird	=2.0.0.22
Thunderbird	=2.0.0.23
Thunderbird	=3.0
Thunderbird	=3.0.1
Thunderbird	=3.0.2
Thunderbird	=3.0.3
Thunderbird	=3.0.4
Thunderbird	=3.0.5
Thunderbird	=3.0.6
Thunderbird	=3.0.7
Thunderbird	=3.0.8
Thunderbird	=3.0.9
Thunderbird	=3.0.10
Thunderbird	=3.0.11
Thunderbird	=3.1
Thunderbird	=3.1.1
Thunderbird	=3.1.2
Thunderbird	=3.1.3
Thunderbird	=3.1.4
Thunderbird	=3.1.5
Thunderbird	=3.1.6
Thunderbird	=3.1.7
Thunderbird	=3.1.8
Thunderbird	=3.1.9
Thunderbird	=3.1.10

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2011-2366?
CVE-2011-2366 is considered a medium severity vulnerability due to its potential impact on user privacy.
How do I fix CVE-2011-2366?
To fix CVE-2011-2366, update your Mozilla Gecko-based browser or email client to version 5.0 or later.
What versions are affected by CVE-2011-2366?
CVE-2011-2366 affects all Gecko versions prior to 5.0, including Firefox and Thunderbird versions before 5.0.
What type of attack does CVE-2011-2366 enable?
CVE-2011-2366 enables remote attackers to perform timing attacks to obtain approximate copies of arbitrary images.
Is CVE-2011-2366 relevant for modern browsers?
CVE-2011-2366 is not a concern for modern browsers, as it was resolved in versions released after 5.0.

collector/nvd-historical
agent/references
agent/type
agent/weakness
agent/severity
agent/author
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/mozilla
canonical/mozilla gecko
version/mozilla gecko/2
version/mozilla gecko/1.7
version/mozilla gecko/1.8
version/mozilla gecko/1.8.1
version/mozilla gecko/1.9
version/mozilla gecko/1.9.1
version/mozilla gecko/1.9.2
canonical/firefox
version/firefox/4.0.1
version/firefox/0.1
version/firefox/0.2
version/firefox/0.3
version/firefox/0.4
version/firefox/0.5
version/firefox/0.6
version/firefox/0.6.1
version/firefox/0.7
version/firefox/0.7.1
version/firefox/0.8
version/firefox/0.9
version/firefox/0.9-rc
version/firefox/0.9.1
version/firefox/0.9.2
version/firefox/0.9.3
version/firefox/0.10
version/firefox/0.10.1
version/firefox/1.0
version/firefox/1.0-preview_release
version/firefox/1.0.1
version/firefox/1.0.2
version/firefox/1.0.3
version/firefox/1.0.4
version/firefox/1.0.5
version/firefox/1.0.6
version/firefox/1.0.7
version/firefox/1.0.8
version/firefox/1.4.1
version/firefox/1.5
version/firefox/1.5-beta1
version/firefox/1.5-beta2
version/firefox/1.5.0.1
version/firefox/1.5.0.2
version/firefox/1.5.0.3
version/firefox/1.5.0.4
version/firefox/1.5.0.5
version/firefox/1.5.0.6
version/firefox/1.5.0.7
version/firefox/1.5.0.8
version/firefox/1.5.0.9
version/firefox/1.5.0.10
version/firefox/1.5.0.11
version/firefox/1.5.0.12
version/firefox/1.5.1
version/firefox/1.5.2
version/firefox/1.5.3
version/firefox/1.5.4
version/firefox/1.5.5
version/firefox/1.5.6
version/firefox/1.5.7
version/firefox/1.5.8
version/firefox/1.8
version/firefox/2.0
version/firefox/2.0.0.1
version/firefox/2.0.0.2
version/firefox/2.0.0.3
version/firefox/2.0.0.4
version/firefox/2.0.0.5
version/firefox/2.0.0.6
version/firefox/2.0.0.7
version/firefox/2.0.0.8
version/firefox/2.0.0.9
version/firefox/2.0.0.10
version/firefox/2.0.0.11
version/firefox/2.0.0.12
version/firefox/2.0.0.13
version/firefox/2.0.0.14
version/firefox/2.0.0.15
version/firefox/2.0.0.16
version/firefox/2.0.0.17
version/firefox/2.0.0.18
version/firefox/2.0.0.19
version/firefox/2.0.0.20
version/firefox/3.0
version/firefox/3.0.1
version/firefox/3.0.2
version/firefox/3.0.3
version/firefox/3.0.4
version/firefox/3.0.5
version/firefox/3.0.6
version/firefox/3.0.7
version/firefox/3.0.8
version/firefox/3.0.9
version/firefox/3.0.10
version/firefox/3.0.11
version/firefox/3.0.12
version/firefox/3.0.13
version/firefox/3.0.14
version/firefox/3.0.15
version/firefox/3.0.16
version/firefox/3.0.17
version/firefox/3.5
version/firefox/3.5.1
version/firefox/3.5.2
version/firefox/3.5.3
version/firefox/3.5.4
version/firefox/3.5.5
version/firefox/3.5.6
version/firefox/3.5.7
version/firefox/3.5.8
version/firefox/3.5.9
version/firefox/3.5.10
version/firefox/3.5.11
version/firefox/3.5.12
version/firefox/3.5.13
version/firefox/3.5.14
version/firefox/3.5.15
version/firefox/3.6
version/firefox/3.6.2
version/firefox/3.6.3
version/firefox/3.6.4
version/firefox/3.6.6
version/firefox/3.6.7
version/firefox/3.6.8
version/firefox/3.6.9
version/firefox/3.6.10
version/firefox/3.6.11
version/firefox/3.6.12
version/firefox/3.6.13
version/firefox/4.0
version/firefox/4.0-beta1
version/firefox/4.0-beta10
version/firefox/4.0-beta11
version/firefox/4.0-beta12
version/firefox/4.0-beta2
version/firefox/4.0-beta3
version/firefox/4.0-beta4
version/firefox/4.0-beta5
version/firefox/4.0-beta6
version/firefox/4.0-beta7
version/firefox/4.0-beta8
version/firefox/4.0-beta9
canonical/thunderbird
version/thunderbird/3.1.11
version/thunderbird/0.1
version/thunderbird/0.2
version/thunderbird/0.3
version/thunderbird/0.4
version/thunderbird/0.5
version/thunderbird/0.6
version/thunderbird/0.7
version/thunderbird/0.7.1
version/thunderbird/0.7.2
version/thunderbird/0.7.3
version/thunderbird/0.8
version/thunderbird/0.9
version/thunderbird/1.0
version/thunderbird/1.0.1
version/thunderbird/1.0.2
version/thunderbird/1.0.3
version/thunderbird/1.0.4
version/thunderbird/1.0.5
version/thunderbird/1.0.6
version/thunderbird/1.0.7
version/thunderbird/1.0.8
version/thunderbird/1.5
version/thunderbird/1.5-beta2
version/thunderbird/1.5.0.1
version/thunderbird/1.5.0.2
version/thunderbird/1.5.0.3
version/thunderbird/1.5.0.4
version/thunderbird/1.5.0.5
version/thunderbird/1.5.0.6
version/thunderbird/1.5.0.7
version/thunderbird/1.5.0.8
version/thunderbird/1.5.0.9
version/thunderbird/1.5.0.10
version/thunderbird/1.5.0.11
version/thunderbird/1.5.0.12
version/thunderbird/1.5.0.13
version/thunderbird/1.5.0.14
version/thunderbird/1.5.1
version/thunderbird/1.5.2
version/thunderbird/1.7.1
version/thunderbird/1.7.3
version/thunderbird/2.0
version/thunderbird/2.0.0.0
version/thunderbird/2.0.0.1
version/thunderbird/2.0.0.2
version/thunderbird/2.0.0.3
version/thunderbird/2.0.0.4
version/thunderbird/2.0.0.5
version/thunderbird/2.0.0.6
version/thunderbird/2.0.0.7
version/thunderbird/2.0.0.8
version/thunderbird/2.0.0.9
version/thunderbird/2.0.0.12
version/thunderbird/2.0.0.14
version/thunderbird/2.0.0.16
version/thunderbird/2.0.0.17
version/thunderbird/2.0.0.18
version/thunderbird/2.0.0.19
version/thunderbird/2.0.0.21
version/thunderbird/2.0.0.22
version/thunderbird/2.0.0.23
version/thunderbird/3.0
version/thunderbird/3.0.1
version/thunderbird/3.0.2
version/thunderbird/3.0.3
version/thunderbird/3.0.4
version/thunderbird/3.0.5
version/thunderbird/3.0.6
version/thunderbird/3.0.7
version/thunderbird/3.0.8
version/thunderbird/3.0.9
version/thunderbird/3.0.10
version/thunderbird/3.0.11
version/thunderbird/3.1
version/thunderbird/3.1.1
version/thunderbird/3.1.2
version/thunderbird/3.1.3
version/thunderbird/3.1.4
version/thunderbird/3.1.5
version/thunderbird/3.1.6
version/thunderbird/3.1.7
version/thunderbird/3.1.8
version/thunderbird/3.1.9
version/thunderbird/3.1.10