CVE-2017-7845 - OpenCVE

A buffer overflow occurs when drawing and validating elements using Direct 3D 9 with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash. Note: This attack only affects Windows operating systems. Other operating systems are unaffected. This vulnerability affects Thunderbird < 52.5.2, Firefox ESR < 52.5.2, and Firefox < 57.0.2.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:M/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Microsoft	Windows
Mozilla	Firefox Esr Firefox Thunderbird

Configuration 1 [-]

AND

OR	cpe:2.3:a:mozilla:firefox::::::::
	cpe:2.3:a:mozilla:firefox_esr::::::::
	cpe:2.3:a:mozilla:thunderbird::::::::

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

References

Link	Resource
http://www.securityfocus.com/bid/102115	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1040123	Third Party Advisory VDB Entry
https://bugzilla.mozilla.org/show_bug.cgi?id=1402372	Issue Tracking Permissions Required
https://www.mozilla.org/security/advisories/mfsa2017-28/	Vendor Advisory
https://www.mozilla.org/security/advisories/mfsa2017-29/	Vendor Advisory
https://www.mozilla.org/security/advisories/mfsa2017-30/	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mozilla

Published: 2018-06-11T21:00:00

Updated: 2018-06-12T09:57:01

Reserved: 2017-04-12T00:00:00

Link: CVE-2017-7845

JSON object: View

NVD Information

Status : Analyzed

Published: 2018-06-11T21:29:12.013

Modified: 2018-08-09T16:27:35.407

Link: CVE-2017-7845

JSON object: View

Redhat Information

No data.

CWE

CWE-119

{"containers": {"cna": {"affected": [{"product": "Thunderbird", "vendor": "Mozilla", "versions": [{"lessThan": "52.5.2", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "Firefox ESR", "vendor": "Mozilla", "versions": [{"lessThan": "52.5.2", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "Firefox", "vendor": "Mozilla", "versions": [{"lessThan": "57.0.2", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "datePublic": "2017-12-07T00:00:00", "descriptions": [{"lang": "en", "value": "A buffer overflow occurs when drawing and validating elements using Direct 3D 9 with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash. Note: This attack only affects Windows operating systems. Other operating systems are unaffected. This vulnerability affects Thunderbird < 52.5.2, Firefox ESR < 52.5.2, and Firefox < 57.0.2."}], "problemTypes": [{"descriptions": [{"description": "Buffer overflow when drawing and validating elements with ANGLE library using Direct 3D 9", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-06-12T09:57:01", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.mozilla.org/security/advisories/mfsa2017-28/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.mozilla.org/security/advisories/mfsa2017-29/"}, {"name": "1040123", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1040123"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.mozilla.org/security/advisories/mfsa2017-30/"}, {"name": "102115", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/102115"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1402372"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@mozilla.org", "ID": "CVE-2017-7845", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Thunderbird", "version": {"version_data": [{"version_affected": "<", "version_value": "52.5.2"}]}}, {"product_name": "Firefox ESR", "version": {"version_data": [{"version_affected": "<", "version_value": "52.5.2"}]}}, {"product_name": "Firefox", "version": {"version_data": [{"version_affected": "<", "version_value": "57.0.2"}]}}]}, "vendor_name": "Mozilla"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A buffer overflow occurs when drawing and validating elements using Direct 3D 9 with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash. Note: This attack only affects Windows operating systems. Other operating systems are unaffected. This vulnerability affects Thunderbird < 52.5.2, Firefox ESR < 52.5.2, and Firefox < 57.0.2."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Buffer overflow when drawing and validating elements with ANGLE library using Direct 3D 9"}]}]}, "references": {"reference_data": [{"name": "https://www.mozilla.org/security/advisories/mfsa2017-28/", "refsource": "CONFIRM", "url": "https://www.mozilla.org/security/advisories/mfsa2017-28/"}, {"name": "https://www.mozilla.org/security/advisories/mfsa2017-29/", "refsource": "CONFIRM", "url": "https://www.mozilla.org/security/advisories/mfsa2017-29/"}, {"name": "1040123", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1040123"}, {"name": "https://www.mozilla.org/security/advisories/mfsa2017-30/", "refsource": "CONFIRM", "url": "https://www.mozilla.org/security/advisories/mfsa2017-30/"}, {"name": "102115", "refsource": "BID", "url": "http://www.securityfocus.com/bid/102115"}, {"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1402372", "refsource": "CONFIRM", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1402372"}]}}}}, "cveMetadata": {"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2017-7845", "datePublished": "2018-06-11T21:00:00", "dateReserved": "2017-04-12T00:00:00", "dateUpdated": "2018-06-12T09:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "B8010688-45E8-466D-99D6-B963C6A55A4B", "versionEndExcluding": "57.0.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", "matchCriteriaId": "2AD1A6A6-04B0-4689-8BA2-F6D8D5B37E0C", "versionEndExcluding": "52.5.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "matchCriteriaId": "DAAC1C50-B5AD-4BA6-B6D4-457AAC258BDA", "versionEndExcluding": "52.5.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A buffer overflow occurs when drawing and validating elements using Direct 3D 9 with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash. Note: This attack only affects Windows operating systems. Other operating systems are unaffected. This vulnerability affects Thunderbird < 52.5.2, Firefox ESR < 52.5.2, and Firefox < 57.0.2."}, {"lang": "es", "value": "Ocurre un desbordamiento de b\u00fafer cuando se dibujan y validan elementos usando Direct 3D 9 con la librer\u00eda de gr\u00e1ficos ANGLE, utilizado para contenidos WebGL. Esto se debe a que se pasa un valor incorrecto en la librer\u00eda durante las comprobaciones y resulta en un cierre inesperado potencialmente explotable. Nota: este ataque solo afecta a sistemas operativos Windows. Los otros sistemas operativos no se ven afectados. Esta vulnerabilidad afecta a las versiones anteriores a la 52.5.2 de Thunderbird, las versiones anteriores a la 52.5.2 de Firefox ESR y las versiones anteriores a la 57.0.2 de Firefox."}], "id": "CVE-2017-7845", "lastModified": "2018-08-09T16:27:35.407", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-06-11T21:29:12.013", "references": [{"source": "security@mozilla.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/102115"}, {"source": "security@mozilla.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1040123"}, {"source": "security@mozilla.org", "tags": ["Issue Tracking", "Permissions Required"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1402372"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2017-28/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2017-29/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2017-30/"}], "sourceIdentifier": "security@mozilla.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}