CVE-2015-7327

Name of the Vulnerable Software and Affected Versions Mozilla Firefox versions prior to 41.0

Description The issue is related to the lack of protection for service data in the browser, which can be exploited by a remote attacker using specially crafted JavaScript code. This code exploits errors in the configuration of access to High Resolution Time API components, potentially allowing access to protected information. The vulnerability can be used to track last-level cache access, consequently obtaining sensitive information through crafted JavaScript code that makes performance.now calls.

Recommendations For versions prior to 41.0, update to version 41.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the High Resolution Time API to minimize the risk of exploitation.