The host is missing a high severity security update according to the Mozilla advisory MFSA2011-25 and is prone to an improper input validation vulnerability. A flaw is present in the applications, which fail to handle issues in the cross-domain image as a WebGL texture. Successful exploitation could allow remote attackers to obtain approximate copies of arbitrary images via a timing attack involving a crafted WebGL fragment shader.