All errata/sisyphus/ALT-PU-2018-1003-1
ALT-PU-2018-1003-1

Package update firefox in branch sisyphus

Version57.0.4-alt1
Task#197783
Published2018-01-06
Max severityHIGH
Severity:

Closed issues (1)

CVE-2017-7845
HIGH8.8

A buffer overflow occurs when drawing and validating elements using Direct 3D 9 with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash. Note: This attack only affects Windows operating systems. Other operating systems are unaffected. This vulnerability affects Thunderbird < 52.5.2, Firefox ESR < 52.5.2, and Firefox < 57.0.2.

Published: 2018-06-11Modified: 2025-11-25
CVSS 2.0CRITICAL 9.3
CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS 3.xHIGH 8.8
CVSS:3.x/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References