WebKit, as used in Apple Safari 5.1.1 and previous versions and Google Chrome 15 and previous versions, does not prevent capture of data about the time required for image loading, which makes it easier for remote malicious users to determine whether an image exists in the browser cache via crafted JavaScript code, as demonstrated by visipisi.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple webkit |
||
apple safari |
||
google chrome |