The texSubImage2D implementation in the WebGL subsystem in Google Chrome before 20.0.1132.43 does not properly handle uploads to floating-point textures, which allows remote attackers to cause a denial of service (assertion failure and application crash) or possibly have unspecified other impact via a crafted web page, as demonstrated by certain WebGL performance tests, aka rdar problem 11520387.
2012-06-27T10:18:38.837
2025-04-11T00:51:21.963
Deferred
CVSSv2: 6.8 (MEDIUM)
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.6
6.4
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | chrome | ≤ 20.0.1132.42 | Yes | |
| Application | chrome | 20.0.1132.0 | Yes | |
| Application | chrome | 20.0.1132.1 | Yes | |
| Application | chrome | 20.0.1132.2 | Yes | |
| Application | chrome | 20.0.1132.3 | Yes | |
| Application | chrome | 20.0.1132.4 | Yes | |
| Application | chrome | 20.0.1132.5 | Yes | |
| Application | chrome | 20.0.1132.6 | Yes | |
| Application | chrome | 20.0.1132.7 | Yes | |
| Application | chrome | 20.0.1132.8 | Yes | |
| Application | chrome | 20.0.1132.9 | Yes | |
| Application | chrome | 20.0.1132.10 | Yes | |
| Application | chrome | 20.0.1132.11 | Yes | |
| Application | chrome | 20.0.1132.12 | Yes | |
| Application | chrome | 20.0.1132.13 | Yes | |
| Application | chrome | 20.0.1132.14 | Yes | |
| Application | chrome | 20.0.1132.15 | Yes | |
| Application | chrome | 20.0.1132.16 | Yes | |
| Application | chrome | 20.0.1132.17 | Yes | |
| Application | chrome | 20.0.1132.18 | Yes | |
| Application | chrome | 20.0.1132.19 | Yes | |
| Application | chrome | 20.0.1132.20 | Yes | |
| Application | chrome | 20.0.1132.21 | Yes | |
| Application | chrome | 20.0.1132.22 | Yes | |
| Application | chrome | 20.0.1132.23 | Yes | |
| Application | chrome | 20.0.1132.24 | Yes | |
| Application | chrome | 20.0.1132.25 | Yes | |
| Application | chrome | 20.0.1132.26 | Yes | |
| Application | chrome | 20.0.1132.27 | Yes | |
| Application | chrome | 20.0.1132.28 | Yes | |
| Application | chrome | 20.0.1132.29 | Yes | |
| Application | chrome | 20.0.1132.30 | Yes | |
| Application | chrome | 20.0.1132.31 | Yes | |
| Application | chrome | 20.0.1132.32 | Yes | |
| Application | chrome | 20.0.1132.33 | Yes | |
| Application | chrome | 20.0.1132.34 | Yes | |
| Application | chrome | 20.0.1132.35 | Yes | |
| Application | chrome | 20.0.1132.36 | Yes | |
| Application | chrome | 20.0.1132.37 | Yes | |
| Application | chrome | 20.0.1132.38 | Yes | |
| Application | chrome | 20.0.1132.39 | Yes | |
| Application | chrome | 20.0.1132.40 | Yes | |
| Application | chrome | 20.0.1132.41 | Yes |