Back to search
CVE-2011-4692
Published: Dec 7, 2011
Modified: Aug 7, 2024
PUBLISHED
Description
WebKit, as used in Apple Safari 5.1.1 and earlier and Google Chrome 15 and earlier, does not prevent capture of data about the time required for image loading, which makes it easier for remote attackers to determine whether an image exists in the browser cache via crafted JavaScript code, as demonstrated by visipisi.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://lcamtuf.coredump.cx/cachetime/
x_refsource_MISC
oval:org.mitre.oval:def:14098
vdb-entry
signature
x_refsource_OVAL
http://oxplot.github.com/visipisi/visipisi.html
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now