← Zuruck zu CVEs
CVE-2017-5428
N/ABeschreibung
An integer overflow in "createImageBitmap()" was reported through the Pwn2Own contest. The fix for this vulnerability disables the experimental extensions to the "createImageBitmap" API. This function runs in the content sandbox, requiring a second vulnerability to compromise a user's computer. This vulnerability affects Firefox ESR < 52.0.1 and Firefox < 52.0.1.
CVE Details
CVSS v3.1 BewertungN/A
Veroffentlicht6/11/2018
Zuletzt geandert11/21/2024
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
mozilla:firefoxmozilla:firefox_esrredhat:enterprise_linuxredhat:enterprise_linux_desktopredhat:enterprise_linux_serverredhat:enterprise_linux_server_ausredhat:enterprise_linux_server_eusredhat:enterprise_linux_workstation
Schwachen (CWE)
CWE-190
Referenzen
http://rhn.redhat.com/errata/RHSA-2017-0558.html(security@mozilla.org)
http://www.securityfocus.com/bid/96959(security@mozilla.org)
http://www.securitytracker.com/id/1038060(security@mozilla.org)
https://bugzilla.mozilla.org/show_bug.cgi?id=1348168(security@mozilla.org)
https://www.mozilla.org/security/advisories/mfsa2017-08/(security@mozilla.org)
http://rhn.redhat.com/errata/RHSA-2017-0558.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/96959(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1038060(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.mozilla.org/show_bug.cgi?id=1348168(af854a3a-2127-422b-91ae-364da2661108)
https://www.mozilla.org/security/advisories/mfsa2017-08/(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.