High severity7.5NVD Advisory· Published Apr 30, 2016· Updated Jun 17, 2026
CVE-2016-2808
CVE-2016-2808
Description
The watch implementation in the JavaScript engine in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allows remote attackers to execute arbitrary code or cause a denial of service (generation-count overflow, out-of-bounds HashMap write access, and application crash) via a crafted web site.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
53cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*+ 17 more
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*range: <=45.0.2
- cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:45.0.1:*:*:*:*:*:*:*
- (no CPE)range: <46.0, ESR 38.x <38.8, ESR 45.x <45.1
- osv-coords35 versionspkg:rpm/opensuse/firefox-esr&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/MozillaFirefox&distro=openSUSE%20Tumbleweedpkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Desktop%2012pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP2-LTSSpkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSSpkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATApkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2012pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP1pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Manager%202.1pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Manager%20Proxy%202.1pkg:rpm/suse/MozillaFirefox&distro=SUSE%20OpenStack%20Cloud%205pkg:rpm/suse/mozilla-nspr&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSSpkg:rpm/suse/mozilla-nspr&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATApkg:rpm/suse/mozilla-nspr&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/mozilla-nspr&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/mozilla-nspr&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4pkg:rpm/suse/mozilla-nspr&distro=SUSE%20Manager%202.1pkg:rpm/suse/mozilla-nspr&distro=SUSE%20Manager%20Proxy%202.1pkg:rpm/suse/mozilla-nspr&distro=SUSE%20OpenStack%20Cloud%205pkg:rpm/suse/mozilla-nss&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSSpkg:rpm/suse/mozilla-nss&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATApkg:rpm/suse/mozilla-nss&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/mozilla-nss&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/mozilla-nss&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4pkg:rpm/suse/mozilla-nss&distro=SUSE%20Manager%202.1pkg:rpm/suse/mozilla-nss&distro=SUSE%20Manager%20Proxy%202.1pkg:rpm/suse/mozilla-nss&distro=SUSE%20OpenStack%20Cloud%205
< 128.5.1-1.1+ 34 more
- (no CPE)range: < 128.5.1-1.1
- (no CPE)range: < 50.1.0-1.1
- (no CPE)range: < 38.8.0esr-66.2
- (no CPE)range: < 38.8.0esr-66.2
- (no CPE)range: < 38.8.0esr-40.1
- (no CPE)range: < 38.8.0esr-40.5
- (no CPE)range: < 38.8.0esr-40.5
- (no CPE)range: < 38.8.0esr-40.5
- (no CPE)range: < 38.8.0esr-66.2
- (no CPE)range: < 38.8.0esr-66.2
- (no CPE)range: < 38.8.0esr-40.5
- (no CPE)range: < 38.8.0esr-66.2
- (no CPE)range: < 38.8.0esr-66.2
- (no CPE)range: < 38.8.0esr-40.5
- (no CPE)range: < 38.8.0esr-66.2
- (no CPE)range: < 38.8.0esr-66.2
- (no CPE)range: < 38.8.0esr-40.5
- (no CPE)range: < 38.8.0esr-40.5
- (no CPE)range: < 38.8.0esr-40.5
- (no CPE)range: < 4.12-26.1
- (no CPE)range: < 4.12-26.1
- (no CPE)range: < 4.12-26.1
- (no CPE)range: < 4.12-26.1
- (no CPE)range: < 4.12-26.1
- (no CPE)range: < 4.12-26.1
- (no CPE)range: < 4.12-26.1
- (no CPE)range: < 4.12-26.1
- (no CPE)range: < 3.20.2-30.1
- (no CPE)range: < 3.20.2-30.1
- (no CPE)range: < 3.20.2-30.1
- (no CPE)range: < 3.20.2-30.1
- (no CPE)range: < 3.20.2-30.1
- (no CPE)range: < 3.20.2-30.1
- (no CPE)range: < 3.20.2-30.1
- (no CPE)range: < 3.20.2-30.1
Patches
Vulnerability mechanics
References
15- www.mozilla.org/security/announce/2016/mfsa2016-47.htmlnvdVendor Advisory
- lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-05/msg00023.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-05/msg00054.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-05/msg00057.htmlnvd
- lists.opensuse.org/opensuse-updates/2016-05/msg00038.htmlnvd
- rhn.redhat.com/errata/RHSA-2016-0695.htmlnvd
- www.debian.org/security/2016/dsa-3559nvd
- www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.htmlnvd
- www.securitytracker.com/id/1035692nvd
- www.ubuntu.com/usn/USN-2936-1nvd
- www.ubuntu.com/usn/USN-2936-2nvd
- www.ubuntu.com/usn/USN-2936-3nvd
- bugzilla.mozilla.org/show_bug.cginvd
- security.gentoo.org/glsa/201701-15nvd
News mentions
0No linked articles in our index yet.