logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2017-5428

Description

An integer overflow in "createImageBitmap()" was reported through the Pwn2Own contest. The fix for this vulnerability disables the experimental extensions to the "createImageBitmap" API. This function runs in the content sandbox, requiring a second vulnerability to compromise a user's computer. This vulnerability affects Firefox ESR < 52.0.1 and Firefox < 52.0.1.


Affected Software


CPE Name Name Version
redhat:enterprise_linux_server_aus redhat enterprise linux server aus 7.4
redhat:enterprise_linux_server_aus redhat enterprise linux server aus 7.3
redhat:enterprise_linux_server_eus redhat enterprise linux server eus 7.3
redhat:enterprise_linux_server_eus redhat enterprise linux server eus 7.4
redhat:enterprise_linux_server redhat enterprise linux server 7.0
redhat:enterprise_linux redhat enterprise linux 7.0
redhat:enterprise_linux_desktop redhat enterprise linux desktop 7.0
redhat:enterprise_linux_workstation redhat enterprise linux workstation 7.0
redhat:enterprise_linux_server_eus redhat enterprise linux server eus 7.5
mozilla:firefox mozilla firefox 52.0.1
mozilla:firefox_esr mozilla firefox esr 52.0.1

Related