2 matches found
CVE-2014-9689
content/renderer/devicesensors/deviceorientationeventpump.cc in Google Chrome before 41.0.2272.76 does not properly restrict access to high-rate gyroscope data, which makes it easier for remote attackers to obtain speech signals from a device's physical environment via a crafted web site that...
CVE-2014-9689
CVE-2014-9689 : Chrome up to 41.0.2272.76 may expose high‑rate gyroscope data via content/renderer/device_sensors/device_orientation_event_pump.cc, enabling remote sites to infer ambient speech signals through ondeviceorientation events. The vulnerability stems from insufficient restriction of de...