Catalin Dumitru

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 48.0 Firefox ESR versions prior to 45.4 Thunderbird versions prior to 45.4 **Description** The issue allows remote attackers to obtain sensitive information about the previously retrieved page via Resource Timing API calls. This is related to a lack of protection for service data, which can be exploited by a remote attacker to gain information about recently visited pages. **Recommendations** For Mozilla Firefox versions prior to 48.0, update to version 48.0 or later. For Firefox ESR versions prior to 45.4, update to version 45.4 or later. For Thunderbird versions prior to 45.4, update to version 45.4 or later.