A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/101053 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1039465 | Third Party Advisory VDB Entry |
https://access.redhat.com/errata/RHSA-2017:2831 | Third Party Advisory |
https://access.redhat.com/errata/RHSA-2017:2885 | Third Party Advisory |
https://bugzilla.mozilla.org/show_bug.cgi?id=1398381 | Issue Tracking |
https://lists.debian.org/debian-lts-announce/2017/11/msg00000.html | Mailing List Third Party Advisory |
https://security.gentoo.org/glsa/201803-14 | Third Party Advisory |
https://www.debian.org/security/2017/dsa-3987 | Third Party Advisory |
https://www.debian.org/security/2017/dsa-4014 | Third Party Advisory |
https://www.mozilla.org/security/advisories/mfsa2017-21/ | Vendor Advisory |
https://www.mozilla.org/security/advisories/mfsa2017-22/ | Vendor Advisory |
https://www.mozilla.org/security/advisories/mfsa2017-23/ | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mozilla
Published: 2018-06-11T21:00:00
Updated: 2018-06-12T09:57:01
Reserved: 2017-04-12T00:00:00
Link: CVE-2017-7824
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-06-11T21:29:11.060
Modified: 2018-08-09T16:25:56.467
Link: CVE-2017-7824
JSON object: View
Redhat Information
No data.
CWE