VDB

CVE-2017-7845

CVE-2017-7845 PUBLISHED

Reported by mozilla · Published June 11, 2018

A buffer overflow occurs when drawing and validating elements using Direct 3D 9 with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash. Note: This attack only affects Windows operating systems. Other operating systems are unaffected. This vulnerability affects Thunderbird < 52.5.2, Firefox ESR < 52.5.2, and Firefox < 57.0.2.

Affected Products

VendorProductVersions
MozillaThunderbirdunspecified
MozillaFirefox ESRunspecified
MozillaFirefoxunspecified
MozillaThunderbird*
MozillaFirefoxunspecified
MozillaFirefox ESRunspecified

Timeline

  • Jun 11, 2018 CVE Published
  • Apr 14, 2021 EPSS Score
  • Jun 23, 2021 EPSS Score
  • Oct 26, 2021 EPSS Score
  • Dec 27, 2021 EPSS Score
  • Feb 4, 2022 EPSS Score
  • Feb 28, 2022 EPSS Score
  • Jul 3, 2022 EPSS Score
  • Sep 5, 2022 EPSS Score
  • Nov 6, 2022 EPSS Score
  • Jan 8, 2023 EPSS Score
  • Mar 11, 2023 EPSS Score

References

  • x_refsource_CONFIRM
  • x_refsource_CONFIRM
  • 1040123 vdb-entryx_refsource_SECTRACK
  • x_refsource_CONFIRM
  • 102115 vdb-entryx_refsource_BID
  • x_refsource_CONFIRM
Open in Interactive Console →
$ Console Community · 100/wk Open console ›