QwikSec

Security Database

CVE

CWE

Training

CVE-2017-7845

Published: Jun 11, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

A buffer overflow occurs when drawing and validating elements using Direct 3D 9 with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash. Note: This attack only affects Windows operating systems. Other operating systems are unaffected. This vulnerability affects Thunderbird < 52.5.2, Firefox ESR < 52.5.2, and Firefox < 57.0.2.

Vendor	Product	Versions
Mozilla	Thunderbird	affected `unspecified - < 52.5.2`
Mozilla	Firefox ESR	affected `unspecified - < 52.5.2`
Mozilla	Firefox	affected `unspecified - < 57.0.2`

References

https://www.mozilla.org/security/advisories/mfsa2017-28/

x_refsource_CONFIRM

https://www.mozilla.org/security/advisories/mfsa2017-29/

x_refsource_CONFIRM

vdb-entry

x_refsource_SECTRACK

https://www.mozilla.org/security/advisories/mfsa2017-30/

x_refsource_CONFIRM

vdb-entry

x_refsource_BID

https://bugzilla.mozilla.org/show_bug.cgi?id=1402372

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.