{"containers": {"cna": {"affected": [{"product": "Firefox ESR", "vendor": "Mozilla", "versions": [{"lessThan": "52.0.1", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "Firefox", "vendor": "Mozilla", "versions": [{"lessThan": "52.0.1", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "datePublic": "2017-03-17T00:00:00", "descriptions": [{"lang": "en", "value": "An integer overflow in \"createImageBitmap()\" was reported through the Pwn2Own contest. The fix for this vulnerability disables the experimental extensions to the \"createImageBitmap\" API. This function runs in the content sandbox, requiring a second vulnerability to compromise a user's computer. This vulnerability affects Firefox ESR < 52.0.1 and Firefox < 52.0.1."}], "problemTypes": [{"descriptions": [{"description": "integer overflow in createImageBitmap()", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-06-12T09:57:01", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla"}, "references": [{"name": "1038060", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1038060"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1348168"}, {"name": "96959", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/96959"}, {"name": "RHSA-2017:0558", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2017-0558.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.mozilla.org/security/advisories/mfsa2017-08/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@mozilla.org", "ID": "CVE-2017-5428", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Firefox ESR", "version": {"version_data": [{"version_affected": "<", "version_value": "52.0.1"}]}}, {"product_name": "Firefox", "version": {"version_data": [{"version_affected": "<", "version_value": "52.0.1"}]}}]}, "vendor_name": "Mozilla"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An integer overflow in \"createImageBitmap()\" was reported through the Pwn2Own contest. The fix for this vulnerability disables the experimental extensions to the \"createImageBitmap\" API. This function runs in the content sandbox, requiring a second vulnerability to compromise a user's computer. This vulnerability affects Firefox ESR < 52.0.1 and Firefox < 52.0.1."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "integer overflow in createImageBitmap()"}]}]}, "references": {"reference_data": [{"name": "1038060", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1038060"}, {"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1348168", "refsource": "CONFIRM", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1348168"}, {"name": "96959", "refsource": "BID", "url": "http://www.securityfocus.com/bid/96959"}, {"name": "RHSA-2017:0558", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2017-0558.html"}, {"name": "https://www.mozilla.org/security/advisories/mfsa2017-08/", "refsource": "CONFIRM", "url": "https://www.mozilla.org/security/advisories/mfsa2017-08/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T15:04:14.368Z"}, "title": "CVE Program Container", "references": [{"name": "1038060", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1038060"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1348168"}, {"name": "96959", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/96959"}, {"name": "RHSA-2017:0558", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2017-0558.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.mozilla.org/security/advisories/mfsa2017-08/"}]}]}, "cveMetadata": {"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2017-5428", "datePublished": "2018-06-11T21:00:00", "dateReserved": "2017-01-13T00:00:00", "dateUpdated": "2024-08-05T15:04:14.368Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "A8442C20-41F9-47FD-9A12-E724D3A31FD7", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "2DD8C0EA-69A7-44B4-860E-351324686856", "versionEndExcluding": "52.0.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", "matchCriteriaId": "9A52364C-861F-436E-954D-F1F6E58AC2AF", "versionEndExcluding": "52.0.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An integer overflow in \"createImageBitmap()\" was reported through the Pwn2Own contest. The fix for this vulnerability disables the experimental extensions to the \"createImageBitmap\" API. This function runs in the content sandbox, requiring a second vulnerability to compromise a user's computer. This vulnerability affects Firefox ESR < 52.0.1 and Firefox < 52.0.1."}, {"lang": "es", "value": "Se ha informado acerca de un desbordamiento de enteros en \"createImageBitmap()\" a trav\u00e9s del concurso Pwn2Own. La soluci\u00f3n para esta vulnerabilidad deshabilita las extensiones experimentales a la API \"createImageBitmap\". Esta funci\u00f3n se ejecuta en el sandbox de contenido, siendo necesaria una segunda vulnerabilidad para comprometer el ordenador de un usuario. La vulnerabilidad afecta a Firefox ESR en versiones anteriores a la 52.0.1 y Firefox en versiones anteriores a la 52.0.1."}], "id": "CVE-2017-5428", "lastModified": "2024-11-21T03:27:36.043", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-06-11T21:29:05.453", "references": [{"source": "security@mozilla.org", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2017-0558.html"}, {"source": "security@mozilla.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/96959"}, {"source": "security@mozilla.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1038060"}, {"source": "security@mozilla.org", "tags": ["Exploit", "Issue Tracking", "Patch", "Vendor Advisory"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1348168"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2017-08/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2017-0558.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/96959"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1038060"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Issue Tracking", "Patch", "Vendor Advisory"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1348168"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2017-08/"}], "sourceIdentifier": "security@mozilla.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-190"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Chaitin Security Research Lab via Trend Micro's Zero Day Initiative as the original reporter.", "affected_release": [{"advisory": "RHSA-2017:0558", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "firefox-0:52.0-5.el7_3", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2017-03-17T00:00:00Z"}], "bugzilla": {"description": "Mozilla: integer overflow in createImageBitmap() (MFSA 2017-08)", "id": "1433202", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1433202"}, "csaw": false, "cvss3": {"cvss3_base_score": "9.8", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "status": "verified"}, "details": ["An integer overflow in \"createImageBitmap()\" was reported through the Pwn2Own contest. The fix for this vulnerability disables the experimental extensions to the \"createImageBitmap\" API. This function runs in the content sandbox, requiring a second vulnerability to compromise a user's computer. This vulnerability affects Firefox ESR < 52.0.1 and Firefox < 52.0.1.", "A flaw was found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox."], "name": "CVE-2017-5428", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 7"}], "public_date": "2017-03-17T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2017-5428\nhttps://nvd.nist.gov/vuln/detail/CVE-2017-5428\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2017-08/#CVE-2017-5428"], "threat_severity": "Critical"}

{}