Security Advisory

CVE-2017-5928

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2017-02-27 07:25:00

Last updated 2024-08-05 15:18:48

Assigner mitre

State PUBLISHED

Description

The W3C High Resolution Time API, as implemented in various web browsers, does not consider that memory-reference times can be measured by a performance.now "Time to Tick" approach even with the https://bugzilla.mozilla.org/show_bug.cgi?id=1167489#c9 protection mechanism in place, which makes it easier for remote attackers to conduct AnC attacks via crafted JavaScript code.

← Browse all CVEs View on cve.org ↗