PT-2015-4355 · Google+1 · Google Chrome+1
Dan Boneh
+2
·
Publicado
2015-03-09
·
Atualizado
2015-03-20
·
CVE-2014-9689
CVSS v2.0
5.0
Média
| Vetor | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Google Chrome versions prior to 41.0.2272.76
Description
The issue allows remote attackers to obtain speech signals from a device's physical environment via a crafted web site that listens for
ondeviceorientation events. This is achieved by not properly restricting access to high-rate gyroscope data.Recommendations
For versions prior to 41.0.2272.76, update to version 41.0.2272.76 or later to resolve the issue.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Alt Linux
Google Chrome