CVE-2017-7845

Summary

A buffer overflow occurs when drawing and validating elements using Direct 3D 9 with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash. Note: This attack only affects Windows operating systems. Other operating systems are unaffected. This vulnerability affects Thunderbird < 52.5.2, Firefox ESR < 52.5.2, and Firefox < 57.0.2.

Affected Software

VendorProductVersion RangeStatus
MozillaThunderbirdunspecified < 52.5.2affected
MozillaFirefox ESRunspecified < 52.5.2affected
MozillaFirefoxunspecified < 57.0.2affected

Weaknesses

  • Buffer overflow when drawing and validating elements with ANGLE library using Direct 3D 9

ADP Enrichment

CVE Program Container

Additional References

References