PT-2017-17947 · Microsoft+3 · Direct 3D 9+6

Omair

Published

2017-12-07

Updated

2024-06-15

CVE-2017-7845

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Thunderbird versions prior to 52.5.2 Firefox ESR versions prior to 52.5.2 Firefox versions prior to 57.0.2

Description A buffer overflow issue occurs when using Direct 3D 9 with the ANGLE graphics library for WebGL content, resulting in a potentially exploitable crash due to an incorrect value being passed during checks. This issue only affects Windows operating systems.

Recommendations For Thunderbird versions prior to 52.5.2, update to version 52.5.2 or later. For Firefox ESR versions prior to 52.5.2, update to version 52.5.2 or later. For Firefox versions prior to 57.0.2, update to version 57.0.2 or later.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

ALT-PU-2018-1003

CVE-2017-7845

MGASA-2018-0018

OPENSUSE-SU-2024:10601-1

Affected Products

Alt Linux

Angle

Direct 3D 9

Firefox

Firefox Esr

Thunderbird

Windows

PT-2017-17947 · Microsoft+3 · Direct 3D 9+6

CVE-2017-7845

Weakness Enumeration

Related Identifiers

Affected Products

References · 413