Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
8.8
CVSSv3

CVE-2017-7845

Published: 11/06/2018 Updated: 09/08/2018
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 828
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Mozilla

Vulnerability Summary

A buffer overflow occurs when drawing and validating elements using Direct 3D 9 with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash. Note: This attack only affects Windows operating systems. Other operating systems are unaffected. This vulnerability affects Thunderbird < 52.5.2, Firefox ESR < 52.5.2, and Firefox < 57.0.2.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

mozilla firefox_esr

mozilla firefox

mozilla thunderbird

Vendor Advisories

Mozilla: Security vulnerabilities fixed in Thunderbird 52.5.2
Mozilla Foundation Security Advisory 2017-30 Security vulnerabilities fixed in Thunderbird 5252 Announced December 22, 2017 Impact critical Products Thunderbird Fixed in Thunderbird 5252 ...
Mozilla: Security vulnerabilities fixed in Firefox 57.0.2
Mozilla Foundation Security Advisory 2017-29 Security vulnerabilities fixed in Firefox 5702 Announced December 7, 2017 Impact critical Products Firefox Fixed in Firefox 5702 ...
Mozilla: Security vulnerabilities fixed in Firefox ESR 52.5.2
Mozilla Foundation Security Advisory 2017-28 Security vulnerabilities fixed in Firefox ESR 5252 Announced December 7, 2017 Impact critical Products Firefox ESR Fixed in Firefox ESR 5252 ...

References

CWE-119https://www.mozilla.org/security/advisories/mfsa2017-30/https://www.mozilla.org/security/advisories/mfsa2017-29/https://www.mozilla.org/security/advisories/mfsa2017-28/https://bugzilla.mozilla.org/show_bug.cgi?id=1402372http://www.securitytracker.com/id/1040123http://www.securityfocus.com/bid/102115https://nvd.nist.govhttps://www.mozilla.org/en-US/security/advisories/mfsa2017-30/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111CVE-2024-32884IDORCVE-2023-1000CVE-2024-33260CVE-2024-3682reflected XSSrace conditionCVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook