VYPR

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

ClassDraftLikelihood: High

Description

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Hierarchy (View 1000)

Parents

Related attack patterns (CAPEC)

CAPEC-116 · CAPEC-13 · CAPEC-169 · CAPEC-22 · CAPEC-224 · CAPEC-285 · CAPEC-287 · CAPEC-290 · CAPEC-291 · CAPEC-292 · CAPEC-293 · CAPEC-294 · CAPEC-295 · CAPEC-296 · CAPEC-297 · CAPEC-298 · CAPEC-299 · CAPEC-300 · CAPEC-301 · CAPEC-302 · CAPEC-303 · CAPEC-304 · CAPEC-305 · CAPEC-306 · CAPEC-307 · CAPEC-308 · CAPEC-309 · CAPEC-310 · CAPEC-312 · CAPEC-313 · CAPEC-317 · CAPEC-318 · CAPEC-319 · CAPEC-320 · CAPEC-321 · CAPEC-322 · CAPEC-323 · CAPEC-324 · CAPEC-325 · CAPEC-326 · CAPEC-327 · CAPEC-328 · CAPEC-329 · CAPEC-330 · CAPEC-472 · CAPEC-497 · CAPEC-508 · CAPEC-573 · CAPEC-574 · CAPEC-575 · CAPEC-576 · CAPEC-577 · CAPEC-59 · CAPEC-60 · CAPEC-616 · CAPEC-643 · CAPEC-646 · CAPEC-651 · CAPEC-79

CVEs mapped to this weakness (6,405)

page 314 of 321
  • CVE-2008-0299Jan 16, 2008
    Python (programming language)
    Paramiko
    risk 0.00cvss epss 0.01

    common.py in Paramiko 1.7.1 and earlier, when using threads or forked processes, does not properly use RandomPool, which allows one session to obtain sensitive information from another session by predicting the state of the pool.

  • CVE-2008-0195Jan 10, 2008
    WordPress
    WordPress
    risk 0.00cvss epss 0.02

    WordPress 2.0.11 and earlier allows remote attackers to obtain sensitive information via an empty value of the page parameter to certain PHP scripts under wp-admin/, which reveals the path in various error messages.

  • CVE-2008-0191Jan 10, 2008
    WordPress
    WordPress
    risk 0.00cvss epss 0.01

    WordPress 2.2.x and 2.3.x allows remote attackers to obtain sensitive information via an invalid p parameter in an rss2 action to the default URI, which reveals the full path and the SQL database structure.

  • CVE-2007-5404Jan 9, 2008
    Layton Helpbox
    Helpbox
    risk 0.00cvss epss 0.00

    Layton HelpBox 3.7.1 generates different responses depending on whether or not a username is valid in a failed login attempt, which allows remote attackers to enumerate valid usernames.

  • CVE-2008-0136Jan 8, 2008
    Snitz Communications
    Forums 2000
    risk 0.00cvss epss 0.00

    Snitz Forums 2000 3.4.05 allows remote attackers to obtain sensitive information via a direct request to forum/whereami.asp, which reveals the database path.

  • CVE-2007-6660Jan 4, 2008
    2z Project
    2z Project
    risk 0.00cvss epss 0.00

    2z project 0.9.6.1 allows remote attackers to obtain sensitive information via (1) a request to index.php with an invalid template or (2) a request to the default URI with certain year and month parameters, which reveals the path in various error messages.

  • CVE-2007-6606Dec 31, 2007
    Openbiblio
    Openbiblio
    risk 0.00cvss epss 0.00

    OpenBiblio 0.5.2-pre4 and earlier allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function.

  • CVE-2007-6607Dec 31, 2007
    Openbiblio
    Openbiblio
    risk 0.00cvss epss 0.00

    OpenBiblio 0.5.2-pre4 and earlier allows remote attackers to obtain sensitive information via a direct request for (1) shared/footer.php, (2) circ/mbr_fields.php, or (3) admin/custom_marc_form_fields.php, which reveals the path in various error messages.

  • CVE-2007-6536Dec 27, 2007
    Google
    Toolbar
    risk 0.00cvss epss 0.01

    The Custom Button Installer dialog in Google Toolbar 4 and 5 beta presents certain domain names in the (1) "Downloaded from" and (2) "Privacy considerations" sections without verifying domain names, which makes it easier for remote attackers to spoof domain names and trick users…

  • CVE-2007-6524Dec 24, 2007
    Opera
    Opera
    risk 0.00cvss epss 0.01

    Opera before 9.25 allows remote attackers to obtain potentially sensitive memory contents via a crafted bitmap (BMP) file, as demonstrated using a CANVAS element and JavaScript in an HTML document for copying these contents from 9.50 beta, a related issue to CVE-2008-0420.

  • CVE-2007-6512Dec 21, 2007
    PHP
    Mysql Banner Exchange
    risk 0.00cvss epss 0.00

    PHP MySQL Banner Exchange 2.2.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain database information via a direct request to inc/lib.inc.

  • CVE-2007-6283Dec 18, 2007
    Fedoraproject
    Fedora
    risk 0.00cvss epss 0.00

    Red Hat Enterprise Linux 5 and Fedora install the Bind /etc/rndc.key file with world-readable permissions, which allows local users to perform unauthorized named commands, such as causing a denial of service by stopping named.

  • CVE-2007-6417Dec 18, 2007
    Linux
    Kernel
    risk 0.00cvss epss 0.00

    The shmem_getpage function (mm/shmem.c) in Linux kernel 2.6.11 through 2.6.23 does not properly clear allocated memory in some rare circumstances related to tmpfs, which might allow local users to read sensitive kernel data or cause a denial of service (crash).

  • CVE-2007-6418Dec 18, 2007
    Debian
    libdspam7-drv-mysql
    risk 0.00cvss epss 0.00

    The libdspam7-drv-mysql cron job in Debian GNU/Linux includes the MySQL dspam database password in a command line argument, which might allow local users to read the password by listing the process and its arguments.

  • CVE-2007-6408Dec 17, 2007
    IBM
    Tivoli Provisioning Manager Express For Software Distribution
    risk 0.00cvss epss 0.00

    IBM Tivoli Provisioning Manager Express provides unspecified information in error messages when (1) attempted duplication of a username occurs when creating an account or (2) when trying to login using a valid username, which makes it easier for remote attackers to enumerate…

  • CVE-2007-6249Dec 15, 2007
    Gentoo
    Portage
    risk 0.00cvss epss 0.00

    etc-update in Portage before 2.1.3.11 on Gentoo Linux relies on the umask to set permissions for the merge file, often resulting in permissions weaker than those of the original files, which might allow local users to obtain sensitive information by reading the merge file.

  • CVE-2007-6206Dec 4, 2007
    Linux
    Kernel
    risk 0.00cvss epss 0.00

    The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x up to 2.6.24-rc3, and possibly other versions, does not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which might allow local users to obtain…

  • CVE-2007-6197Dec 1, 2007
    Bea
    Aqualogic Interaction
    risk 0.00cvss epss 0.01

    The Plumtree portal in BEA AquaLogic Interaction 5.0.2 through 5.0.4 and 6.0.1.218452 allows remote attackers to obtain version numbers and internal hostnames by reading comments in the HTML source of any page.

  • CVE-2007-6150Nov 30, 2007
    FreeBSD
    FreeBSD
    risk 0.00cvss epss 0.00

    The "internal state tracking" code for the random and urandom devices in FreeBSD 5.5, 6.1 through 6.3, and 7.0 beta 4 allows local users to obtain portions of previously-accessed random values, which could be leveraged to bypass protection mechanisms that rely on secrecy of…

  • CVE-2007-6193Nov 30, 2007
    Citrix Systems
    Netscaler
    risk 0.00cvss epss 0.00

    The web management interface in Citrix NetScaler 8.0 build 47.8 stores the device's primary IP address in a cookie, which might allow remote attackers to obtain sensitive network configuration information if this address is not the same as the address being used by the web…