1. Home
  2. CVE Database
  3. CVE-2011-2600
HIGH · 7.1

CVE-2011-2600

The GPU support functionality in Windows XP does not properly restrict rendering time, which allows remote attackers to cause a denial of service (system crash) via vectors involving WebGL and (1) sha...

Vulnerability Description

The GPU support functionality in Windows XP does not properly restrict rendering time, which allows remote attackers to cause a denial of service (system crash) via vectors involving WebGL and (1) shader programs or (2) complex 3D geometry, as demonstrated by using Mozilla Firefox or Google Chrome to visit the lots-of-polys-example.html test page in the Khronos WebGL SDK.

CVSS Score

7.1

HIGH

AV:N/AC:M/Au:N/C:N/I:N/A:C
Confidentiality
NONE
Integrity
NONE
Availability
COMPLETE

Affected Products

VendorProductVersions
MicrosoftWindows XpAll versions

Related Weaknesses (CWE)

CWE-264

References

FAQ

What is CVE-2011-2600?

CVE-2011-2600 is a vulnerability with a CVSS score of 7.1 (HIGH). The GPU support functionality in Windows XP does not properly restrict rendering time, which allows remote attackers to cause a denial of service (system crash) via vectors involving WebGL and (1) sha...

How severe is CVE-2011-2600?

CVE-2011-2600 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2011-2600?

Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Windows Xp.