The ProgramBinary::linkAttributes function in libGLES in ANGLE, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 on Windows, mishandles shader access, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted (1) OpenGL or (2) WebGL content.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mozilla
Published: 2015-09-24T01:00:00
Updated: 2024-08-06T07:43:44.922Z
Reserved: 2015-09-16T00:00:00
Link: CVE-2015-7178
Vulnrichment
No data.
NVD
Status : Modified
Published: 2015-09-24T04:59:25.910
Modified: 2016-12-22T03:00:16.793
Link: CVE-2015-7178
Redhat