Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2016-2813

Опубликовано: 30 апр. 2016
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 4.3
CVSS3: 6.5

Описание

Mozilla Firefox before 46.0 on Android does not properly restrict JavaScript access to orientation and motion data, which allows remote attackers to obtain sensitive information about a device's physical environment, and possibly discover PIN values, via a crafted web site, a similar issue to CVE-2016-1780.

РелизСтатусПримечание
devel

not-affected

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was not-affected]
precise

not-affected

trusty

not-affected

trusty/esm

DNE

trusty was not-affected
upstream

released

46.0
vivid/stable-phone-overlay

DNE

vivid/ubuntu-core

DNE

wily

not-affected

xenial

not-affected

Показывать по

EPSS

Процентиль: 64%
0.00472
Низкий

4.3 Medium

CVSS2

6.5 Medium

CVSS3

Связанные уязвимости

redhat
больше 9 лет назад

Mozilla Firefox before 46.0 on Android does not properly restrict JavaScript access to orientation and motion data, which allows remote attackers to obtain sensitive information about a device's physical environment, and possibly discover PIN values, via a crafted web site, a similar issue to CVE-2016-1780.

CVSS3: 6.5
nvd
больше 9 лет назад

Mozilla Firefox before 46.0 on Android does not properly restrict JavaScript access to orientation and motion data, which allows remote attackers to obtain sensitive information about a device's physical environment, and possibly discover PIN values, via a crafted web site, a similar issue to CVE-2016-1780.

CVSS3: 6.5
debian
больше 9 лет назад

Mozilla Firefox before 46.0 on Android does not properly restrict Java ...

CVSS3: 6.5
github
около 3 лет назад

Mozilla Firefox before 46.0 on Android does not properly restrict JavaScript access to orientation and motion data, which allows remote attackers to obtain sensitive information about a device's physical environment, and possibly discover PIN values, via a crafted web site, a similar issue to CVE-2016-1780.

fstec
больше 9 лет назад

Уязвимость браузера Firefox, позволяющая нарушителю получить конфиденциальную информацию об устройстве и PIN-код

EPSS

Процентиль: 64%
0.00472
Низкий

4.3 Medium

CVSS2

6.5 Medium

CVSS3