virus logo Endpoint Vulnerability

Information disclosure via the High Resolution Time API

description-logoDescription

Security researchers Yossef Oren, Vasileios P. Kemerlis, Simha Sethumadhavan, Angelos D. Keromytis of Columbia University's Network Security Lab reported a method of using the High Resolution Time API for side channel attacks. This attack uses JavaScript loaded through a hostile web page to track access to the last-level cache over a period of time as a user engages in other browser activity. This attack takes advantage of the performance.now() API's use of single nanosecond resolution for timing.

affected-products-logoAffected Applications

SeaMonkey

Version Updates

Date Version Status Detail
2020-02-21 2.00048
New
 SeaMonkey
2019-08-21 1.00042
Modified
 SeaMonkey
2019-07-18 1.00041
Modified
 SeaMonkey

References

https://www.mozilla.org/en-US/security/advisories/mfsa2015-114
ID 39445
Created Feb 22, 2023
Description
Updated		 Feb 22, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Linux
Vendor Mozilla
Patch manual
Application SeaMonkey