Mozilla SeaMonkey CVE-2015-7327 Information Disclosure Vulnerability

description-logoDescription

Security researchers Yossef Oren, Vasileios P. Kemerlis, Simha Sethumadhavan, Angelos D. Keromytis of Columbia University's Network Security Lab reported a method of using the High Resolution Time API for side channel attacks. This attack uses JavaScript loaded through a hostile web page to track access to the last-level cache over a period of time as a user engages in other browser activity. This attack takes advantage of the performance.now() API's use of single nanosecond resolution for timing.

affected-products-logoAffected Applications

SeaMonkey

CVE References

CVE-2015-7327