logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2017-5428

Description

An integer overflow in "createImageBitmap()" was reported through the Pwn2Own contest. The fix for this vulnerability disables the experimental extensions to the "createImageBitmap" API. This function runs in the content sandbox, requiring a second vulnerability to compromise a user's computer. This vulnerability affects Firefox ESR < 52.0.1 and Firefox < 52.0.1.


Affected Package


OS OS Version Package Name Package Version
Debian 999 firefox 105.0.1-1
Debian 12 firefox-esr 102.3.0esr-1
Debian 11 firefox-esr 91.13.0esr-1~deb11u1
Debian 10 firefox-esr 91.12.0esr-1~deb10u1
Debian 999 firefox-esr 102.3.0esr-1

Related