CVE-2017-5406: Buffer Overflow

Reference Links

• https://bugzilla.mozilla.org/show_bug.cgi?id=1306890
• https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/
• https://www.mozilla.org/en-US/security/advisories/mfsa2017-09/
• http://www.securityfocus.com/bid/96692
• http://www.securitytracker.com/id/1037966
• https://www.mozilla.org/security/advisories/mfsa2017-05/
• https://www.mozilla.org/security/advisories/mfsa2017-09/

Parent vulnerabilities

(Appears in the following advisories)

• MFSA2017-05
• MFSA2017-09

Peer vulnerabilities

(Found alongside the following vulnerabilities)

• CVE-2017-5400
• CVE-2017-5401
• CVE-2017-5402
• CVE-2017-5403
• CVE-2017-5404
• CVE-2017-5406
• CVE-2017-5407
• CVE-2017-5410
• CVE-2017-5411
• CVE-2017-5409
• CVE-2017-5408
• CVE-2017-5412
• CVE-2017-5413
• CVE-2017-5414
• CVE-2017-5415
• CVE-2017-5416
• CVE-2017-5417
• CVE-2017-5425
• CVE-2017-5426
• CVE-2017-5427
• CVE-2017-5418
• CVE-2017-5419
• CVE-2017-5420
• CVE-2017-5405
• CVE-2017-5421
• CVE-2017-5422
• CVE-2017-5399
• CVE-2017-5398

Frequently Asked Questions

• What is the severity of CVE-2017-5406?

  CVE-2017-5406 has been classified as a high severity vulnerability due to the potential for a segmentation fault.

• How do I fix CVE-2017-5406?

  To fix CVE-2017-5406, update Mozilla Firefox and Thunderbird to version 52.0 or later.

• What products are affected by CVE-2017-5406?

  CVE-2017-5406 affects Mozilla Firefox and Mozilla Thunderbird versions up to 52.

• Is CVE-2017-5406 a remote exploitation vulnerability?

  CVE-2017-5406 can potentially lead to remote code execution if exploited properly.

• What types of operations trigger CVE-2017-5406?

  CVE-2017-5406 is triggered during specific canvas operations that involve mask/clip intersection and empty masks.