漏洞类别:Local
漏洞等级: 
漏洞信息
Firefox is a free and open-source web browser developed for Windows, OS X, and Linux, with a mobile version for Android.
Multiple vulnerabilities were reported in Mozilla Firefox.Buffer overflow when drawing and validating elements with ANGLE library using Direct 3D 9.Web worker in Private Browsing mode can write IndexedDB data.
Affected Versions:
Firefox prior to 57.0.2
Firefox ESR prior to 52.5.2
QID Detection Logic (Authenticated)
This QID checks for vulnerable versions of Firefox browser.
漏洞危害
Buffer overflow when drawing and validating elements with ANGLE library using Direct 3D 9.
Web worker in Private Browsing mode can write IndexedDB data.
解决方案
The vendor has issued a fix (57.0.2, 52.5.2 ESR).
Refer to MFSA 2017-28 and MFSA 2017-29
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0daybank
文章评论