Download Firefox

Firefox is no longer supported on Windows 8.1 and below.

Please download Firefox ESR (Extended Support Release) to use Firefox.

Download Firefox ESR 64-bit

Download Firefox ESR 32-bit

Download a different build

Firefox is no longer supported on macOS 10.14 and below.

Please download Firefox ESR (Extended Support Release) to use Firefox.

Download Firefox ESR
Firefox Privacy Notice
Get Mozilla VPN

Mozilla Foundation Security Advisory 2017-29

Security vulnerabilities fixed in Firefox 57.0.2

Announced
December 7, 2017
Impact
critical
Products
Firefox
Fixed in
  • Firefox 57.0.2

#CVE-2017-7845: Buffer overflow when drawing and validating elements with ANGLE library using Direct 3D 9

Reporter
Omair
Impact
critical
Description

A buffer overflow occurs when drawing and validating elements using Direct 3D 9 with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash.
Note: This attack only affects Windows operating systems. Other operating systems are unaffected.

References