Intrusion Prevention

Mozilla.Firefox.CreateImageBitmap.Integer.Overflow

Description

This indicates an attack attempt against an Integer Overflow vulnerability in Mozilla products.
The vulnerability is caused by an error when the vulnerable software handles overly large values of image offset. It allows a remote attacker to execute arbitrary code on vulnerable systems via a crafted web page.

Affected Products

Mozilla Foundation Firefox prior to 52.0.1
Mozilla Foundation Firefox ESR prior to 52.0.1

Impact

System Compromise: Remote attacker can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://www.mozilla.org/en-US/security/advisories/mfsa2017-08/

CVE References

CVE-2017-5428