Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products, when the Direct2D (aka D2D) API is used on Windows, allows remote attackers to bypass the Same Origin Policy, and obtain sensitive image data from a different domain, by inserting this data into a canvas.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mozilla Firefox Direct2D API同源策略绕过信息泄露漏洞
Vulnerability Description
Direct2D 是一种硬件加速的即时模式二维图形API,可为二维几何图形、位图和文本提供高性能和高质量的呈现。Mozilla Mozilla Firefox是美国Mozilla基金会开发的一款开源Web浏览器。 当Direct2D(也称为D2D)API在Windows上运行时,Mozilla Firefox 4.x至5版本中存在信息泄露漏洞。远程攻击者可通过向画布中插入数据绕过同源策略,并获取不同域的敏感图像数据。
CVSS Information
N/A
Vulnerability Type
N/A