Kenneth Russell

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 75 Firefox ESR versions prior to 68.7 Thunderbird versions prior to 68.7.0 **Description** The issue is related to the WebGL's `copyTexSubImage` method, where reading from areas outside the source resource could lead to potentially sensitive data disclosure due to uninitialized memory. This could result in the exposure of sensitive information. **Recommendations** For Firefox versions prior to 75, update to version 75 or later. For Firefox ESR versions prior to 68.7, update to version 68.7 or later. For Thunderbird versions prior to 68.7.0, update to version 68.7.0 or later.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 20.0.1132.43 **Description** The issue is related to the texSubImage2D implementation in the WebGL subsystem, which does not properly handle uploads to floating-point textures. This can be exploited by remote attackers via a crafted web page, potentially causing a denial of service through an assertion failure and application crash, or possibly having other unspecified impacts. **Recommendations** For versions prior to 20.0.1132.43, update to version 20.0.1132.43 or later to resolve the issue.