The host is installed with Mozilla Firefox before 45.0 and is prone to an information disclosure vulnerability. A flaw is present in the libvpx in Mozilla Firefox, which fails to properly restrict the availability of IFRAME Resource Timing API times. Successful exploitation allows remote attackers to bypass the same origin policy and obtain sensitive information via crafted JavaScript code that leverages history.back and performance.getEntries calls after restoring a browser session.