CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
Description
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-116 · CAPEC-13 · CAPEC-169 · CAPEC-22 · CAPEC-224 · CAPEC-285 · CAPEC-287 · CAPEC-290 · CAPEC-291 · CAPEC-292 · CAPEC-293 · CAPEC-294 · CAPEC-295 · CAPEC-296 · CAPEC-297 · CAPEC-298 · CAPEC-299 · CAPEC-300 · CAPEC-301 · CAPEC-302 · CAPEC-303 · CAPEC-304 · CAPEC-305 · CAPEC-306 · CAPEC-307 · CAPEC-308 · CAPEC-309 · CAPEC-310 · CAPEC-312 · CAPEC-313 · CAPEC-317 · CAPEC-318 · CAPEC-319 · CAPEC-320 · CAPEC-321 · CAPEC-322 · CAPEC-323 · CAPEC-324 · CAPEC-325 · CAPEC-326 · CAPEC-327 · CAPEC-328 · CAPEC-329 · CAPEC-330 · CAPEC-472 · CAPEC-497 · CAPEC-508 · CAPEC-573 · CAPEC-574 · CAPEC-575 · CAPEC-576 · CAPEC-577 · CAPEC-59 · CAPEC-60 · CAPEC-616 · CAPEC-643 · CAPEC-646 · CAPEC-651 · CAPEC-79
CVEs mapped to this weakness (5,448)
page 256 of 273| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2009-2445 | 0.00 | — | 0.01 | Jul 13, 2009 | Oracle iPlanet Web Server (formerly Sun Java System Web Server or Sun ONE Web Server) 6.1 before SP12, and 7.0 through Update 6, when running on Windows, allows remote attackers to read arbitrary JSP files via an alternate data stream syntax, as demonstrated by a .jsp::$DATA URI. | ||
| CVE-2009-2274 | 0.00 | — | 0.00 | Jul 1, 2009 | The Huawei D100 allows remote attackers to obtain sensitive information via a direct request to (1) lan_status_adv.asp, (2) wlan_basic_cfg.asp, or (3) lancfg.asp in en/, related to use of JavaScript to protect against reading file contents. | ||
| CVE-2009-2260 | 0.00 | — | 0.00 | Jun 30, 2009 | stardict 3.0.1, when Enable Net Dict is configured, sends the contents of the clipboard to a dictionary server, which allows remote attackers to obtain sensitive information by sniffing the network. | ||
| CVE-2009-2046 | 0.00 | — | 0.00 | Jun 25, 2009 | The embedded web server on the Cisco Video Surveillance 2500 Series IP Camera with firmware before 2.1 allows remote attackers to read arbitrary files via a (1) http or (2) https request, related to the (a) SD Camera Web Server and the (b) Wireless Camera HTTP Server, aka Bug IDs CSCsu05515 and CSCsr96497. | ||
| CVE-2009-1680 | 0.00 | — | 0.00 | Jun 19, 2009 | Safari in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly clear the search history when it is cleared from the Settings application, which allows physically proximate attackers to obtain the search history. | ||
| CVE-2009-0958 | 0.00 | — | 0.00 | Jun 19, 2009 | Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 stores an exception for a hostname when the user accepts an untrusted Exchange server certificate, which causes it to be accepted without prompting in future usage and allows remote Exchange servers to obtain sensitive information such as credentials. | ||
| CVE-2009-2115 | 0.00 | — | 0.00 | Jun 18, 2009 | admin.php in SkyBlueCanvas 1.1 r237 allows remote authenticated administrators to obtain sensitive information via an invalid id parameter, which reveals the installation path in an error message. | ||
| CVE-2009-1835 | 0.00 | — | 0.02 | Jun 12, 2009 | Mozilla Firefox before 3.0.11 and SeaMonkey before 1.1.17 associate local documents with external domain names located after the file:// substring in a URL, which allows user-assisted remote attackers to read arbitrary cookies via a crafted HTML document, as demonstrated by a URL with file://example.com/C:/ at the beginning. | ||
| CVE-2009-2042 | 0.00 | — | 0.03 | Jun 12, 2009 | libpng before 1.2.37 does not properly parse 1-bit interlaced images with width values that are not divisible by 8, which causes libpng to include uninitialized bits in certain rows of a PNG file and might allow remote attackers to read portions of sensitive memory via "out-of-bounds pixels" in the file. | ||
| CVE-2009-2031 | 0.00 | — | 0.00 | Jun 11, 2009 | smbfs in Sun OpenSolaris snv_84 through snv_110, when default mount permissions are used, allows local users to read arbitrary files, and list arbitrary directories, on CIFS volumes. | ||
| CVE-2009-1718 | 0.00 | — | 0.01 | Jun 10, 2009 | WebKit in Apple Safari before 4.0 allows user-assisted remote attackers to obtain sensitive information via vectors involving drag events and the dragging of content over a crafted web page. | ||
| CVE-2009-1713 | 0.00 | — | 0.01 | Jun 10, 2009 | The XSLT functionality in WebKit in Apple Safari before 4.0 does not properly implement the document function, which allows remote attackers to read (1) arbitrary local files and (2) files from different security zones via unspecified vectors. | ||
| CVE-2009-1706 | 0.00 | — | 0.01 | Jun 10, 2009 | The Private Browsing feature in Apple Safari before 4.0 on Windows does not remove cookies from the alternate cookie store in unspecified circumstances upon (1) disabling of the feature or (2) exit of the application, which makes it easier for remote web servers to track users via a cookie. | ||
| CVE-2009-1703 | 0.00 | — | 0.01 | Jun 10, 2009 | WebKit in Apple Safari before 4.0 does not prevent references to file: URLs within (1) audio and (2) video elements, which allows remote attackers to determine the existence of arbitrary files via a crafted HTML document. | ||
| CVE-2009-1700 | 0.00 | — | 0.01 | Jun 10, 2009 | The XSLT implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle redirects, which allows remote attackers to read XML content from arbitrary web pages via a crafted document. | ||
| CVE-2009-0229 | 0.00 | — | 0.03 | Jun 10, 2009 | The Windows Printing Service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 allows local users to read arbitrary files via a crafted separator page, aka "Print Spooler Read File Vulnerability." | ||
| CVE-2009-1296 | 0.00 | — | 0.00 | Jun 9, 2009 | The eCryptfs support utilities (ecryptfs-utils) 73-0ubuntu6.1 on Ubuntu 9.04 stores the mount passphrase in installation logs, which might allow local users to obtain access to the filesystem by reading the log files from disk. NOTE: the log files are only readable by root. | ||
| CVE-2009-1900 | 0.00 | — | 0.01 | Jun 3, 2009 | The Configservice APIs in the Administrative Console component in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.35, 6.1 before 6.1.0.25, and 7.0 before 7.0.0.5, when tracing is enabled, allow remote attackers to obtain sensitive information via unspecified use of the wsadmin scripting tool. | ||
| CVE-2009-1898 | 0.00 | — | 0.00 | Jun 3, 2009 | The secure login page in the Administrative Console component in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.35 does not redirect to an https page upon receiving an http request, which makes it easier for remote attackers to read the contents of WAS sessions by sniffing the network. | ||
| CVE-2009-1803 | 0.00 | — | 0.00 | May 28, 2009 | FreePBX 2.5.1, and other 2.4.x, 2.5.x, and pre-release 2.6.x versions, generates different error messages for a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames. |
- CVE-2009-2445Jul 13, 2009risk 0.00cvss —epss 0.01
Oracle iPlanet Web Server (formerly Sun Java System Web Server or Sun ONE Web Server) 6.1 before SP12, and 7.0 through Update 6, when running on Windows, allows remote attackers to read arbitrary JSP files via an alternate data stream syntax, as demonstrated by a .jsp::$DATA URI.
- CVE-2009-2274Jul 1, 2009risk 0.00cvss —epss 0.00
The Huawei D100 allows remote attackers to obtain sensitive information via a direct request to (1) lan_status_adv.asp, (2) wlan_basic_cfg.asp, or (3) lancfg.asp in en/, related to use of JavaScript to protect against reading file contents.
- CVE-2009-2260Jun 30, 2009risk 0.00cvss —epss 0.00
stardict 3.0.1, when Enable Net Dict is configured, sends the contents of the clipboard to a dictionary server, which allows remote attackers to obtain sensitive information by sniffing the network.
- CVE-2009-2046Jun 25, 2009risk 0.00cvss —epss 0.00
The embedded web server on the Cisco Video Surveillance 2500 Series IP Camera with firmware before 2.1 allows remote attackers to read arbitrary files via a (1) http or (2) https request, related to the (a) SD Camera Web Server and the (b) Wireless Camera HTTP Server, aka Bug IDs CSCsu05515 and CSCsr96497.
- CVE-2009-1680Jun 19, 2009risk 0.00cvss —epss 0.00
Safari in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly clear the search history when it is cleared from the Settings application, which allows physically proximate attackers to obtain the search history.
- CVE-2009-0958Jun 19, 2009risk 0.00cvss —epss 0.00
Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 stores an exception for a hostname when the user accepts an untrusted Exchange server certificate, which causes it to be accepted without prompting in future usage and allows remote Exchange servers to obtain sensitive information such as credentials.
- CVE-2009-2115Jun 18, 2009risk 0.00cvss —epss 0.00
admin.php in SkyBlueCanvas 1.1 r237 allows remote authenticated administrators to obtain sensitive information via an invalid id parameter, which reveals the installation path in an error message.
- CVE-2009-1835Jun 12, 2009risk 0.00cvss —epss 0.02
Mozilla Firefox before 3.0.11 and SeaMonkey before 1.1.17 associate local documents with external domain names located after the file:// substring in a URL, which allows user-assisted remote attackers to read arbitrary cookies via a crafted HTML document, as demonstrated by a URL with file://example.com/C:/ at the beginning.
- CVE-2009-2042Jun 12, 2009risk 0.00cvss —epss 0.03
libpng before 1.2.37 does not properly parse 1-bit interlaced images with width values that are not divisible by 8, which causes libpng to include uninitialized bits in certain rows of a PNG file and might allow remote attackers to read portions of sensitive memory via "out-of-bounds pixels" in the file.
- CVE-2009-2031Jun 11, 2009risk 0.00cvss —epss 0.00
smbfs in Sun OpenSolaris snv_84 through snv_110, when default mount permissions are used, allows local users to read arbitrary files, and list arbitrary directories, on CIFS volumes.
- CVE-2009-1718Jun 10, 2009risk 0.00cvss —epss 0.01
WebKit in Apple Safari before 4.0 allows user-assisted remote attackers to obtain sensitive information via vectors involving drag events and the dragging of content over a crafted web page.
- CVE-2009-1713Jun 10, 2009risk 0.00cvss —epss 0.01
The XSLT functionality in WebKit in Apple Safari before 4.0 does not properly implement the document function, which allows remote attackers to read (1) arbitrary local files and (2) files from different security zones via unspecified vectors.
- CVE-2009-1706Jun 10, 2009risk 0.00cvss —epss 0.01
The Private Browsing feature in Apple Safari before 4.0 on Windows does not remove cookies from the alternate cookie store in unspecified circumstances upon (1) disabling of the feature or (2) exit of the application, which makes it easier for remote web servers to track users via a cookie.
- CVE-2009-1703Jun 10, 2009risk 0.00cvss —epss 0.01
WebKit in Apple Safari before 4.0 does not prevent references to file: URLs within (1) audio and (2) video elements, which allows remote attackers to determine the existence of arbitrary files via a crafted HTML document.
- CVE-2009-1700Jun 10, 2009risk 0.00cvss —epss 0.01
The XSLT implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle redirects, which allows remote attackers to read XML content from arbitrary web pages via a crafted document.
- CVE-2009-0229Jun 10, 2009risk 0.00cvss —epss 0.03
The Windows Printing Service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 allows local users to read arbitrary files via a crafted separator page, aka "Print Spooler Read File Vulnerability."
- CVE-2009-1296Jun 9, 2009risk 0.00cvss —epss 0.00
The eCryptfs support utilities (ecryptfs-utils) 73-0ubuntu6.1 on Ubuntu 9.04 stores the mount passphrase in installation logs, which might allow local users to obtain access to the filesystem by reading the log files from disk. NOTE: the log files are only readable by root.
- CVE-2009-1900Jun 3, 2009risk 0.00cvss —epss 0.01
The Configservice APIs in the Administrative Console component in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.35, 6.1 before 6.1.0.25, and 7.0 before 7.0.0.5, when tracing is enabled, allow remote attackers to obtain sensitive information via unspecified use of the wsadmin scripting tool.
- CVE-2009-1898Jun 3, 2009risk 0.00cvss —epss 0.00
The secure login page in the Administrative Console component in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.35 does not redirect to an https page upon receiving an http request, which makes it easier for remote attackers to read the contents of WAS sessions by sniffing the network.
- CVE-2009-1803May 28, 2009risk 0.00cvss —epss 0.00
FreePBX 2.5.1, and other 2.4.x, 2.5.x, and pre-release 2.6.x versions, generates different error messages for a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames.