CVE-2017-7824

Current Description

A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.

Basic Data

PublishedJune 11, 2018
Last ModifiedAugust 09, 2018
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeCWE-119
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS 2 - Access VectorNETWORK
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactPARTIAL
CVSS 2 - Availability ImpactPARTIAL
CVSS 2 - Base Score7.5
SeverityHIGH
Exploitability Score10.0
Impact Score6.4
Obtain All Privilegefalse
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

CVSS 3 - Version3.0
CVSS 3 - Vector StringCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS 3 - Attack VectorNETWORK
CVSS 3 - Attack ComplexityLOW
CVSS 3 - Privileges RequiredNONE
CVSS 3 - User InteractionNONE
CVSS 3 - ScopeUNCHANGED
CVSS 3 - Confidentiality ImpactHIGH
CVSS 3 - Integrity ImpactHIGH
CVSS 3 - Availability ImpactHIGH
CVSS 3 - Base Score9.8
CVSS 3 - Base SeverityCRITICAL
Exploitability Score3.9
Base SeverityCRITICAL

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3OSRedhatEnterprise Linux Aus7.4*******
    2.3OSRedhatEnterprise Linux Desktop6.0*******
    2.3OSRedhatEnterprise Linux Desktop7.0*******
    2.3OSRedhatEnterprise Linux Eus7.4*******
    2.3OSRedhatEnterprise Linux Eus7.5*******
    2.3OSRedhatEnterprise Linux Server6.0*******
    2.3OSRedhatEnterprise Linux Server7.0*******
    2.3OSRedhatEnterprise Linux Workstation6.0*******
    2.3OSRedhatEnterprise Linux Workstation7.0*******
  • OR - Configuration 2
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3OSDebianDebian Linux7.0*******
    2.3OSDebianDebian Linux8.0*******
    2.3OSDebianDebian Linux9.0*******
  • OR - Configuration 3
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3ApplicationMozillaFirefox********56.0
    2.3ApplicationMozillaFirefox Esr********52.4.0
    2.3ApplicationMozillaThunderbird********52.4.0

Vulnerable Software List

VendorProductVersions
Debian Debian Linux 7.0, 8.0, 9.0
Mozilla Firefox *
Mozilla Thunderbird *
Mozilla Firefox Esr *
Redhat Enterprise Linux Workstation 6.0, 7.0
Redhat Enterprise Linux Eus 7.4, 7.5
Redhat Enterprise Linux Desktop 6.0, 7.0
Redhat Enterprise Linux Aus 7.4
Redhat Enterprise Linux Server 6.0, 7.0

References

NameSourceURLTags
101053http://www.securityfocus.com/bid/101053BIDThird Party Advisory VDB Entry
1039465http://www.securitytracker.com/id/1039465SECTRACKThird Party Advisory VDB Entry
RHSA-2017:2831https://access.redhat.com/errata/RHSA-2017:2831REDHATThird Party Advisory
RHSA-2017:2885https://access.redhat.com/errata/RHSA-2017:2885REDHATThird Party Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=1398381https://bugzilla.mozilla.org/show_bug.cgi?id=1398381CONFIRMIssue Tracking
[debian-lts-announce] 20171101 [SECURITY] [DLA 1153-1] icedove/thunderbird security updatehttps://lists.debian.org/debian-lts-announce/2017/11/msg00000.htmlMLISTMailing List Third Party Advisory
GLSA-201803-14https://security.gentoo.org/glsa/201803-14GENTOOThird Party Advisory
DSA-3987https://www.debian.org/security/2017/dsa-3987DEBIANThird Party Advisory
DSA-4014https://www.debian.org/security/2017/dsa-4014DEBIANThird Party Advisory
https://www.mozilla.org/security/advisories/mfsa2017-21/https://www.mozilla.org/security/advisories/mfsa2017-21/CONFIRMVendor Advisory
https://www.mozilla.org/security/advisories/mfsa2017-22/https://www.mozilla.org/security/advisories/mfsa2017-22/CONFIRMVendor Advisory
https://www.mozilla.org/security/advisories/mfsa2017-23/https://www.mozilla.org/security/advisories/mfsa2017-23/CONFIRMVendor Advisory