← Volver a CVEs
CVE-2017-5428
N/ADescripcion
An integer overflow in "createImageBitmap()" was reported through the Pwn2Own contest. The fix for this vulnerability disables the experimental extensions to the "createImageBitmap" API. This function runs in the content sandbox, requiring a second vulnerability to compromise a user's computer. This vulnerability affects Firefox ESR < 52.0.1 and Firefox < 52.0.1.
Detalles CVE
Puntuacion CVSS v3.1N/A
Publicado6/11/2018
Ultima modificacion11/21/2024
Fuentenvd
Avistamientos honeypot0
Productos afectados
mozilla:firefoxmozilla:firefox_esrredhat:enterprise_linuxredhat:enterprise_linux_desktopredhat:enterprise_linux_serverredhat:enterprise_linux_server_ausredhat:enterprise_linux_server_eusredhat:enterprise_linux_workstation
Debilidades (CWE)
CWE-190
Referencias
http://rhn.redhat.com/errata/RHSA-2017-0558.html(security@mozilla.org)
http://www.securityfocus.com/bid/96959(security@mozilla.org)
http://www.securitytracker.com/id/1038060(security@mozilla.org)
https://bugzilla.mozilla.org/show_bug.cgi?id=1348168(security@mozilla.org)
https://www.mozilla.org/security/advisories/mfsa2017-08/(security@mozilla.org)
http://rhn.redhat.com/errata/RHSA-2017-0558.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/96959(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1038060(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.mozilla.org/show_bug.cgi?id=1348168(af854a3a-2127-422b-91ae-364da2661108)
https://www.mozilla.org/security/advisories/mfsa2017-08/(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.