CERT mailing list archives

Current Activity - WebGL Security Risks

From: Current Activity <us-cert () us-cert gov>
Date: Mon, 16 May 2011 10:33:06 -0400

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

US-CERT Current Activity

WebGL Security Risks

Original release date: May 11, 2011 at 1:50 pm
Last revised: May 16, 2011 at 10:20 am


US-CERT is aware of reports indicating that WebGL contains multiple
significant security issues. The impact of these
issues includes denial of service, and cross-domain attacks. WebGL is
a new web standard that is enabled by default in Firefox 4 and Google
Chrome and is included in Safari.

US-CERT encourages users and administrators to review the Context
report and update their systems as necessary to help mitigate the
risks.

Relevant Url(s):
<http://www.contextis.com/resources/blog/webgl/>

====
This entry is available at
http://www.us-cert.gov/current/index.html#web_users_warned_to_turn

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBTdE1kj6pPKYJORa3AQJshAf/awnREvja2U4vQ0ptQEczLCubcimiUUtW
QMIG7OPvvzCAFyEtAuDm1uTMKSU1w6dednwn1cx4ZAYqikfulEPBVSjsJ7SsKnBB
jdy2qrjBbPwWUbtyV9N8G/X4AHPRszscvq2evKB9HmcgzhLd5usPNNgmIKBvw//X
fsX+2OQXNfiVbcQTXxV+WrFhDRk9n8kugm1tjDijumkFZhWNhXksV2t+8XdFfEwq
Om7D9h1lEolZkGdy2i6hRE6lFACkDF6MV/GRGNMHabWFqf7pDP/vO9k0dK2JhHlP
ynKAEq7GAuPONhWZ6ePpM5gIOZ6pF0KqnmFGrGjEOo01LVidh+yt6g==
=miru
-----END PGP SIGNATURE-----

Current thread:

Current Activity - WebGL Security Risks Current Activity (May 10)
- <Possible follow-ups>
- Current Activity - WebGL Security Risks Current Activity (May 16)