5.1
CVSSv2

CVE-2016-2808

Published: 30/04/2016 Updated: 01/07/2017
CVSS v2 Base Score: 5.1 | Impact Score: 6.4 | Exploitability Score: 4.9
CVSS v3 Base Score: 7.5 | Impact Score: 5.9 | Exploitability Score: 1.6
VMScore: 454
Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P

Vulnerability Summary

The watch implementation in the JavaScript engine in Mozilla Firefox prior to 46.0, Firefox ESR 38.x prior to 38.8, and Firefox ESR 45.x prior to 45.1 allows remote malicious users to execute arbitrary code or cause a denial of service (generation-count overflow, out-of-bounds HashMap write access, and application crash) via a crafted web site.

Vulnerable Product Search on Vulmon Subscribe to Product

mozilla firefox 45.0.1

mozilla firefox esr 38.7.1

mozilla firefox esr 38.7.0

mozilla firefox esr 38.2.1

mozilla firefox esr 38.2.0

mozilla firefox esr 38.5.1

mozilla firefox esr 38.5.0

mozilla firefox esr 38.0.5

mozilla firefox esr 38.0.1

mozilla firefox esr 38.6.1

mozilla firefox esr 38.6.0

mozilla firefox esr 38.1.1

mozilla firefox esr 38.1.0

mozilla firefox

mozilla firefox esr 38.4.0

mozilla firefox esr 38.3.0

mozilla firefox esr 38.0

Vendor Advisories

Firefox could be made to crash or run programs as your login if it opened a malicious website ...
USN-2936-1 caused Firefox to crash on startup with the Oxygen GTK theme ...
USN-2936-1 introduced a regression in Firefox ...
Mozilla Foundation Security Advisory 2016-47 Write to invalid HashMap entry through JavaScriptwatch() Announced April 26, 2016 Reporter CESG Impact High Products Firefox, Firefox ESR Fixed in ...
The watch implementation in the JavaScript engine in Mozilla Firefox before 460, Firefox ESR 38x before 388, and Firefox ESR 45x before 451 allows remote attackers to execute arbitrary code or cause a denial of service (generation-count overflow, out-of-bounds HashMap write access, and application crash) via a crafted web site ...