nvd-json-data-feeds/CVE-2011/CVE-2011-26xx/CVE-2011-2600.json

{
  "id": "CVE-2011-2600",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2011-06-30T15:55:04.567",
  "lastModified": "2011-07-12T04:00:00.000",
  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
      "value": "The GPU support functionality in Windows XP does not properly restrict rendering time, which allows remote attackers to cause a denial of service (system crash) via vectors involving WebGL and (1) shader programs or (2) complex 3D geometry, as demonstrated by using Mozilla Firefox or Google Chrome to visit the lots-of-polys-example.html test page in the Khronos WebGL SDK."
    },
    {
      "lang": "es",
      "value": "La funcionalidad de soporte de GPU en Windows XP no restringe adecuadamente el tiempo de renderizaci\u00f3n, esto permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda del sistema) a trav\u00e9s de vectores que involucren a WebGL y (1) programas shader o (2) compleja geometr\u00eda 3D; como se ha demostrado al utilizar Mozilla Firefox o Google Chrome para visitar la p\u00e1gina de pruebas lots-of-polys-example.html de Khronos WebGL SDK."
    }
  ],
  "metrics": {
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
          "accessVector": "NETWORK",
          "accessComplexity": "MEDIUM",
          "authentication": "NONE",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.1
        },
        "baseSeverity": "HIGH",
        "exploitabilityScore": 8.6,
        "impactScore": 6.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": true
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E61F1C9B-44AF-4B35-A7B2-948EEF7639BD"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://www.contextis.com/resources/blog/webgl/",
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ]
    }
  ]
}