Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-4688

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2011-4688
Last Modified 26 Jan 2012 11:03:52
Published 07 Dec 2011 02:55:03
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-4688

Summary

Mozilla Firefox 8.0.1 and earlier does not prevent capture of data about the times of Same Origin Policy violations during IFRAME loading attempts, which makes it easier for remote attackers to determine whether a document exists in the browser cache via crafted JavaScript code.

Vulnerable Systems

Application

  • Mozilla Firefox 8.0

  • Mozilla Firefox 8.0.1


References

SECUNIA - 47090

MISC - http://lcamtuf.coredump.cx/cachetime/


Last Updated: 27 May 2016 10:57:50