1. Home
  2. Vulnerabilities
  3. CVE-2017-5411

CVE-2017-5411

CVSS v3.0 7.5 (High)
75% Progress
CVSS v2.0 5 (Medium)
50% Progress
EPSS 0.22 % (61th)
0.22% Progress
Affected Products 3
Advisories 3
Info CVSS EPSS Affected Configurations References Security Advisories Packages & Software Tools, Exploits & PoC Graph Web & Social Timeline

A use-after-free can occur during buffer storage operations within the ANGLE graphics library, used for WebGL content. The buffer storage can be freed while still in use in some circumstances, leading to a potentially exploitable crash. Note: This issue is in "libGLES", which is only in use on Windows. Other operating systems are not affected. This vulnerability affects Firefox < 52 and Thunderbird < 52.

Weaknesses
CWE-416
Use After Free
CVE Status
PUBLISHED
CNA
Mozilla Corporation
Published Date
2018-06-11 21:29:04
(6 years ago)
Updated Date
2018-08-02 16:21:27
(6 years ago)

Affected Products

Microsoft

Mozilla

Configuration #1

AND
    CPE23 From Up To
OR  
  Mozilla Firefox prior 52.0 version cpe:2.3:a:mozilla:firefox < 52.0
OR  
  Running on/with
  Microsoft Windows cpe:2.3:o:microsoft:windows:-

Configuration #2

AND
    CPE23 From Up To
OR  
  Mozilla Thunderbird prior 52.0 version cpe:2.3:a:mozilla:thunderbird < 52.0
OR  
  Running on/with
  Microsoft Windows cpe:2.3:o:microsoft:windows:-