Mozilla Foundation Security Advisory 2017-29

Security vulnerabilities fixed in Firefox 57.0.2

Announced
December 7, 2017
Impact
critical
Products
Firefox
Fixed in
  • Firefox 57.0.2

#CVE-2017-7845: Buffer overflow when drawing and validating elements with ANGLE library using Direct 3D 9

Reporter
Omair
Impact
critical
Description

A buffer overflow occurs when drawing and validating elements using Direct 3D 9 with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash.
Note: This attack only affects Windows operating systems. Other operating systems are unaffected.

References