{
  "id": "CVE-2011-2601",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2011-06-30T15:55:04.597",
  "lastModified": "2011-07-12T04:00:00.000",
  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
      "value": "The GPU support functionality in Mac OS X does not properly restrict rendering time, which allows remote attackers to cause a denial of service (desktop hang) via vectors involving WebGL and (1) shader programs or (2) complex 3D geometry, as demonstrated by using Mozilla Firefox or Google Chrome to visit the lots-of-polys-example.html test page in the Khronos WebGL SDK."
    },
    {
      "lang": "es",
      "value": "La funcionalidad de soporte para GPU en Mac OS X no restringe adecuadamente el tiempo de procesamiento, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (bloqueo de escritorio) a trav\u00e9s de vectores que implican a WebGL y (1) los programas de sombreado o (2) geometr\u00eda 3D compleja, como lo demuestra el uso de Mozilla Firefox o Google Chrome para visitar la p\u00e1gina de prueba de lots-of-polys-example.html en el SDK de Khronos WebGL."
    }
  ],
  "metrics": {
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
          "accessVector": "NETWORK",
          "accessComplexity": "MEDIUM",
          "authentication": "NONE",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.1
        },
        "baseSeverity": "HIGH",
        "exploitabilityScore": 8.6,
        "impactScore": 6.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": true
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://www.contextis.com/resources/blog/webgl/",
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ]
    }
  ]
}