Critical severity9.8NVD Advisory· Published Jun 11, 2018· Updated Jun 17, 2026
CVE-2017-5428
CVE-2017-5428
Description
An integer overflow in "createImageBitmap()" was reported through the Pwn2Own contest. The fix for this vulnerability disables the experimental extensions to the "createImageBitmap" API. This function runs in the content sandbox, requiring a second vulnerability to compromise a user's computer. This vulnerability affects Firefox ESR < 52.0.1 and Firefox < 52.0.1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5<52.0.1+ 2 more
- (no CPE)range: <52.0.1
- (no CPE)range: unspecified
- (no CPE)range: unspecified
- osv-coords2 versionspkg:rpm/opensuse/firefox-esr&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/MozillaFirefox&distro=openSUSE%20Tumbleweed
< 128.5.1-1.1+ 1 more
- (no CPE)range: < 128.5.1-1.1
- (no CPE)range: < 92.0-1.2
Patches
Vulnerability mechanics
References
5- bugzilla.mozilla.org/show_bug.cginvdExploitIssue TrackingPatchVendor Advisory
- rhn.redhat.com/errata/RHSA-2017-0558.htmlnvdThird Party Advisory
- www.securityfocus.com/bid/96959nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1038060nvdThird Party AdvisoryVDB Entry
- www.mozilla.org/security/advisories/mfsa2017-08/nvdVendor Advisory
News mentions
0No linked articles in our index yet.