Unrestricted JavaScript Access to Orientation and Motion Data in Mozilla Firefox for Android

Unrestricted JavaScript Access to Orientation and Motion Data in Mozilla Firefox for Android

CVE-2016-2813 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

Mozilla Firefox before 46.0 on Android does not properly restrict JavaScript access to orientation and motion data, which allows remote attackers to obtain sensitive information about a device's physical environment, and possibly discover PIN values, via a crafted web site, a similar issue to CVE-2016-1780.

Learn more about our Cis Benchmark Audit For Google Android.