Dwarfcrank

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions 4.x through 11.0 Firefox ESR versions 10.x before 10.0.4 Thunderbird versions 5.0 through 11.0 Thunderbird ESR versions 10.x before 10.0.4 SeaMonkey version before 2.9 **Description** The issue allows remote attackers to obtain sensitive information from video memory via a crafted WebGL.drawElements call. This is due to the WebGLBuffer::FindMaxUshortElement function calling the FindMaxElementInSubArray function with incorrect template arguments. **Recommendations** For Mozilla Firefox versions 4.x through 11.0, update to a version after 11.0. For Firefox ESR versions 10.x before 10.0.4, update to version 10.0.4 or later. For Thunderbird versions 5.0 through 11.0, update to a version after 11.0. For Thunderbird ESR versions 10.x before 10.0.4, update to version 10.0.4 or later. For SeaMonkey version before 2.9, update to version 2.9 or later.