CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
EPSS
Percentile
64.5%
Mozilla Firefox before 7.0 and SeaMonkey before 2.4 do not properly
restrict availability of motion data events, which makes it easier for
remote attackers to read keystrokes by leveraging JavaScript code running
in a background tab.
Author | Note |
---|---|
jdstrand | does not affect firefox 3.6 |