A vulnerability in how WebGL 3D is implemented has been identified. While not critical, it could be an entirely new vector for system compromise.
As an FYI, this was brought to my attention in May, and at that time it was decided that the Firefox config parameters for the image used to create the cost share machines would be modified to disable WebGL. In short, Mozilla will implement this mod on the next release of Firefox scheduled for June 21.
Secunia Advisory SA44972
Mozilla Firefox WebGL Graphics Memory Information Disclosure Weakness
Criticality level: Not critical
Impact: Exposure of sensitive information
Where: From remote
Solution Status: Unpatched
Context has reported a weakness in Mozilla Firefox, which can be exploited by malicious people to disclose potentially sensitive information.
An unspecified error in the WebGL implementation can be exploited to disclose certain information, e.g. screenshots of a victim’s desktop.
The weakness is reported in version 4.0.1. Other versions may also be affected.
The vendor recommends disabling WebGL. The vendor has scheduled a fix for 2011-06-21.
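One way to verify that the WebGL-off setting described above actually took effect on an image, as an added example that is not part of the original post or the advisory. It assumes the mitigation is applied through Firefox's `webgl.disabled` preference and that the caller passes the text of each config file in load order (AutoConfig file, then `prefs.js`, then `user.js`); the sample file contents are constructed.

```python
import re

PREF = "webgl.disabled"  # assumption: the preference used to turn WebGL off

# Matches boolean preference calls at the start of a line, so lines that are
# commented out with // are ignored. Block comments (/* */) are not handled.
CALL_RE = re.compile(
    r'^\s*(lockPref|user_pref|defaultPref)\(\s*"([^"]+)"\s*,\s*(true|false)\s*\)\s*;',
    re.MULTILINE,
)

# A locked value beats a user value, which beats a changed default.
RANK = {"lockPref": 3, "user_pref": 2, "defaultPref": 1}


def webgl_state(texts):
    """Return (disabled, source) for config file texts given in load order."""
    best = (0, False, "built-in default")  # WebGL is enabled unless configured off
    for text in texts:
        for kind, name, value in CALL_RE.findall(text):
            # >= lets a later file override an earlier one of the same rank
            if name == PREF and RANK[kind] >= best[0]:
                best = (RANK[kind], value == "true", kind)
    return best[1], best[2]


# Constructed sample inputs (not taken from a real machine)
SAMPLE_CFG = '// AutoConfig file\nlockPref("webgl.disabled", true);\n'
SAMPLE_PREFS_JS = (
    'user_pref("browser.startup.page", 1);\n'
    'user_pref("webgl.disabled", false);\n'
)
SAMPLE_USER_JS = 'user_pref("webgl.disabled", true);\n'

if __name__ == "__main__":
    for label, files in [
        ("profile only", [SAMPLE_PREFS_JS]),
        ("profile + user.js", [SAMPLE_PREFS_JS, SAMPLE_USER_JS]),
        ("locked image", [SAMPLE_CFG, SAMPLE_PREFS_JS]),
    ]:
        disabled, source = webgl_state(files)
        status = "OK" if disabled else "EXPOSED"
        print(f"{label}: webgl.disabled={disabled} (from {source}) -> {status}")
```

A `user_pref` setting can be flipped back by the user through `about:config`, which is why the locked case is reported separately.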
Update July 5
It looks like the details of the video chipsets that implement WebGL 3D (and can be exploited) are beginning to emerge. Additional details will be provided as they are made available.
The NVIDIA Geforce 310 driver 126.96.36.19961 on Windows XP SP3 allows remote attackers to cause a denial of service (system crash) via a crafted web page that is visited with Google Chrome or Mozilla Firefox, as demonstrated by the lots-of-polys-example.html test page in the Khronos WebGL SDK.
The NVIDIA 9400M driver 6.2.6 on Mac OS X 10.6.7 allows remote attackers to cause a denial of service (desktop hang) via a crafted web page that is visited with Google Chrome or Mozilla Firefox, as demonstrated by the lots-of-polys-example.html test page in the Khronos WebGL SDK.