Download Firefox

Firefox is no longer supported on Windows 8.1 and below.

Please download Firefox ESR (Extended Support Release) to use Firefox.

Download Firefox ESR 64-bit

Download Firefox ESR 32-bit

Download a different build

Firefox is no longer supported on macOS 10.14 and below.

Please download Firefox ESR (Extended Support Release) to use Firefox.

Download Firefox ESR
Firefox Privacy Notice
Get Mozilla VPN

Mozilla Foundation Security Advisory 2011-50

Cross-origin data theft using canvas and Windows D2D

Announced
November 8, 2011
Reporter
Bas Schouten
Impact
High
Products
Firefox, SeaMonkey, Thunderbird
Fixed in
  • Firefox 8
  • SeaMonkey 2.5
  • Thunderbird 8

Description

Mozilla developer Bas Schouten reported that the introduction of the "Azure" graphics back-end on Windows in Firefox 7 re-introduced the cross-origin data theft issue reported by nasalislarvatus3000 as described in MFSA 2011-29.

References