Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2016-2813

Опубликовано: 30 апр. 2016
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 4.3
CVSS3: 6.5

Описание

Mozilla Firefox before 46.0 on Android does not properly restrict JavaScript access to orientation and motion data, which allows remote attackers to obtain sensitive information about a device's physical environment, and possibly discover PIN values, via a crafted web site, a similar issue to CVE-2016-1780.

РелизСтатусПримечание
devel

not-affected

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was not-affected]
precise

not-affected

trusty

not-affected

trusty/esm

DNE

trusty was not-affected
upstream

released

46.0
vivid/stable-phone-overlay

DNE

vivid/ubuntu-core

DNE

wily

not-affected

xenial

not-affected

Показывать по

Ссылки на источники

EPSS

Процентиль: 64%
0.00472
Низкий

4.3 Medium

CVSS2

6.5 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2016-2813

redhat
почти 10 лет назад

Mozilla Firefox before 46.0 on Android does not properly restrict JavaScript access to orientation and motion data, which allows remote attackers to obtain sensitive information about a device's physical environment, and possibly discover PIN values, via a crafted web site, a similar issue to CVE-2016-1780.

nvd логотип

CVE-2016-2813

CVSS3: 6.5
nvd
почти 10 лет назад

Mozilla Firefox before 46.0 on Android does not properly restrict JavaScript access to orientation and motion data, which allows remote attackers to obtain sensitive information about a device's physical environment, and possibly discover PIN values, via a crafted web site, a similar issue to CVE-2016-1780.

debian логотип

CVE-2016-2813

CVSS3: 6.5
debian
почти 10 лет назад

Mozilla Firefox before 46.0 on Android does not properly restrict Java ...

github логотип

GHSA-x4mq-76g8-78f6

CVSS3: 6.5
github
больше 3 лет назад

Mozilla Firefox before 46.0 on Android does not properly restrict JavaScript access to orientation and motion data, which allows remote attackers to obtain sensitive information about a device's physical environment, and possibly discover PIN values, via a crafted web site, a similar issue to CVE-2016-1780.

fstec логотип

BDU:2016-01151

fstec
почти 10 лет назад

Уязвимость браузера Firefox, позволяющая нарушителю получить конфиденциальную информацию об устройстве и PIN-код

EPSS

Процентиль: 64%
0.00472
Низкий

4.3 Medium

CVSS2

6.5 Medium

CVSS3