CVE-2017-5428

Priority
Description
An integer overflow in "createImageBitmap()" was reported through the
Pwn2Own contest. The fix for this vulnerability disables the experimental
extensions to the "createImageBitmap" API. This function runs in the
content sandbox, requiring a second vulnerability to compromise a user's
computer. This vulnerability affects Firefox ESR < 52.0.1 and Firefox <
52.0.1.
Assigned-to
chrisccoulson
Notes
Package
Upstream:released (52.0.1)
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was released [52.0.1+build2-0ubuntu0.14.04.1])
Ubuntu 16.04 LTS (Xenial Xerus):released (52.0.1+build2-0ubuntu0.16.04.1)
More Information

Updated: 2019-12-05 18:49:09 UTC (commit dd38ff22974aae499eb50644b9d5a2817483cbdb)