CVE-2017-7824 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Mozilla Firefox
Severity
9.8CRITICALNVD
EPSS
12.1%
top 6.19%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJun 11
Latest updateMay 14
Description
A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9
Affected Packages9 packages
Also affects: Debian Linux 7.0, 8.0, 9.0, Enterprise Linux 7.4, 7.5
🔴Vulnerability Details
5GHSA▶
GHSA-gvp7-j4mc-vqc9: A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content↗2022-05-14
OSV▶
CVE-2017-7824: A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content↗2018-06-11
CVEList▶
CVE-2017-7824: A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content↗2018-06-11
📋Vendor Advisories
4Red Hat
▶
Debian▶
CVE-2017-7824: firefox - A buffer overflow occurs when drawing and validating elements with the ANGLE gra...↗2017
💬Community
1Bugzilla▶
CVE-2017-7824 Mozilla: Buffer overflow when drawing and validating elements with ANGLE (MFSA 2017-22)↗2017-09-28