Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Mozilla Firefox before 41.0 does not properly restrict the availability of High Resolution Time API times, which allows remote attackers to track last-level cache access, and consequently obtain sensitive information, via crafted JavaScript code that makes performance.now calls.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mozilla Firefox 信息泄露漏洞
Vulnerability Description
Mozilla Firefox是美国Mozilla基金会开发的一款开源Web浏览器。 Mozilla Firefox 40.0.3及之前版本中存在安全漏洞,该漏洞源于程序没有正确限制High Resolution Time API时间的可用性。远程攻击者可借助调用‘performance.now’函数的特制的JavaScript代码利用该漏洞跟踪访问last-level缓存,获取敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A