logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2017-5428

Description

An integer overflow in "createImageBitmap()" was reported through the Pwn2Own contest. The fix for this vulnerability disables the experimental extensions to the "createImageBitmap" API. This function runs in the content sandbox, requiring a second vulnerability to compromise a user's computer. This vulnerability affects Firefox ESR < 52.0.1 and Firefox < 52.0.1.


Affected Package


OS OS Version Package Name Package Version
ubuntu 14.04 firefox trusty was released [52.0.1+build2-0ubuntu0.14.04.1]
ubuntu upstream firefox 52.0.1
ubuntu 16.04 firefox 52.0.1+build2-0ubuntu0.16.04.1
ubuntu 16.10 firefox 52.0.1+build2-0ubuntu0.16.10.1
ubuntu 17.04 firefox 52.0.1+build2-0ubuntu1

Related