WebKit, as used in Apple Safari 5.1.1 and earlier and Google Chrome 15 and earlier, does not prevent capture of data about the time required for image loading, which makes it easier for remote attackers to determine whether an image exists in the browser cache via crafted JavaScript code, as demonstrated by visipisi.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2011-12-07T19:00:00
Updated: 2017-09-18T12:57:01
Reserved: 2011-12-07T00:00:00
Link: CVE-2011-4692
JSON object: View
NVD Information
Status : Modified
Published: 2011-12-07T19:55:03.267
Modified: 2017-09-19T01:34:26.337
Link: CVE-2011-4692
JSON object: View
Redhat Information
No data.
CWE