Описание
Mozilla Firefox before 46.0 on Android does not properly restrict JavaScript access to orientation and motion data, which allows remote attackers to obtain sensitive information about a device's physical environment, and possibly discover PIN values, via a crafted web site, a similar issue to CVE-2016-1780.
Релиз | Статус | Примечание |
---|---|---|
devel | not-affected | |
esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected] |
precise | not-affected | |
trusty | not-affected | |
trusty/esm | DNE | trusty was not-affected |
upstream | released | 46.0 |
vivid/stable-phone-overlay | DNE | |
vivid/ubuntu-core | DNE | |
wily | not-affected | |
xenial | not-affected |
Показывать по
EPSS
4.3 Medium
CVSS2
6.5 Medium
CVSS3
Связанные уязвимости
Mozilla Firefox before 46.0 on Android does not properly restrict JavaScript access to orientation and motion data, which allows remote attackers to obtain sensitive information about a device's physical environment, and possibly discover PIN values, via a crafted web site, a similar issue to CVE-2016-1780.
Mozilla Firefox before 46.0 on Android does not properly restrict JavaScript access to orientation and motion data, which allows remote attackers to obtain sensitive information about a device's physical environment, and possibly discover PIN values, via a crafted web site, a similar issue to CVE-2016-1780.
Mozilla Firefox before 46.0 on Android does not properly restrict Java ...
Mozilla Firefox before 46.0 on Android does not properly restrict JavaScript access to orientation and motion data, which allows remote attackers to obtain sensitive information about a device's physical environment, and possibly discover PIN values, via a crafted web site, a similar issue to CVE-2016-1780.
Уязвимость браузера Firefox, позволяющая нарушителю получить конфиденциальную информацию об устройстве и PIN-код
EPSS
4.3 Medium
CVSS2
6.5 Medium
CVSS3