Main Vulnerability Database Exploits ID:1164 - Exploit for Out-of-bounds read in Mozilla Firefox and Firefox ESR - CVE-2017-5465

ID:1164 - Exploit for Out-of-bounds read in Mozilla Firefox and Firefox ESR - CVE-2017-5465

Published: March 18, 2020

Vulnerability identifier: #VU6331

Vulnerability risk: High

CVE-ID: CVE-2017-5465

CWE-ID: CWE-125

Exploitation vector: Remote access

Vulnerable software:
Mozilla Firefox
Firefox ESR

Link to public exploit:

https://www.exploit-db.com/exploits/42072/

Vulnerability description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error while processing SVG content in ConvolvePixel. A remote attacker can trigger out-of-bounds read and gain access to sensitive system memory.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Remediation

Update to Firefox 53, Firefox ESR 45.9 or Firefox ESR 52.1.

ID:1164 - Exploit for Out-of-bounds read in Mozilla Firefox and Firefox ESR - CVE-2017-5465

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human