Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2017-5428

Опубликовано: 11 июн. 2018
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 7.5
CVSS3: 9.8

Описание

An integer overflow in "createImageBitmap()" was reported through the Pwn2Own contest. The fix for this vulnerability disables the experimental extensions to the "createImageBitmap" API. This function runs in the content sandbox, requiring a second vulnerability to compromise a user's computer. This vulnerability affects Firefox ESR < 52.0.1 and Firefox < 52.0.1.

РелизСтатусПримечание
devel

not-affected

52.0.1+build2-0ubuntu1
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was released [52.0.1+build2-0ubuntu0.14.04.1]]
precise

released

52.0.1+build2-0ubuntu0.12.04.1
trusty

released

52.0.1+build2-0ubuntu0.14.04.1
trusty/esm

DNE

trusty was released [52.0.1+build2-0ubuntu0.14.04.1]
upstream

released

52.0.1
vivid/stable-phone-overlay

DNE

vivid/ubuntu-core

DNE

xenial

released

52.0.1+build2-0ubuntu0.16.04.1
yakkety

released

52.0.1+build2-0ubuntu0.16.10.1

Показывать по

Ссылки на источники

EPSS

Процентиль: 59%
0.00391
Низкий

7.5 High

CVSS2

9.8 Critical

CVSS3

Связанные уязвимости

redhat логотип

CVE-2017-5428

CVSS3: 9.8
redhat
больше 8 лет назад

An integer overflow in "createImageBitmap()" was reported through the Pwn2Own contest. The fix for this vulnerability disables the experimental extensions to the "createImageBitmap" API. This function runs in the content sandbox, requiring a second vulnerability to compromise a user's computer. This vulnerability affects Firefox ESR < 52.0.1 and Firefox < 52.0.1.

nvd логотип

CVE-2017-5428

CVSS3: 9.8
nvd
больше 7 лет назад

An integer overflow in "createImageBitmap()" was reported through the Pwn2Own contest. The fix for this vulnerability disables the experimental extensions to the "createImageBitmap" API. This function runs in the content sandbox, requiring a second vulnerability to compromise a user's computer. This vulnerability affects Firefox ESR < 52.0.1 and Firefox < 52.0.1.

debian логотип

CVE-2017-5428

CVSS3: 9.8
debian
больше 7 лет назад

An integer overflow in "createImageBitmap()" was reported through the ...

suse-cvrf логотип

openSUSE-SU-2017:0765-1

suse-cvrf
больше 8 лет назад

Security update for Mozilla Firefox

github логотип

GHSA-3c9m-5j33-vjf4

CVSS3: 9.8
github
больше 3 лет назад

An integer overflow in "createImageBitmap()" was reported through the Pwn2Own contest. The fix for this vulnerability disables the experimental extensions to the "createImageBitmap" API. This function runs in the content sandbox, requiring a second vulnerability to compromise a user's computer. This vulnerability affects Firefox ESR < 52.0.1 and Firefox < 52.0.1.

EPSS

Процентиль: 59%
0.00391
Низкий

7.5 High

CVSS2

9.8 Critical

CVSS3