Mozilla Firefox before 46.0 on Android does not properly restrict JavaScript access to orientation and motion data, which allows remote attackers to obtain sensitive information about a device's physical environment, and possibly discover PIN values, via a crafted web site, a similar issue to CVE-2016-1780.
Max CVSS
6.5
EPSS Score
0.38%
Published
2016-04-30
Updated
2017-07-01
1 vulnerabilities found