Vulnerabilities > Exposure of Resource to Wrong Sphere
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-06-16 | CVE-2011-1258 | Exposure of Resource to Wrong Sphere vulnerability in Microsoft Internet Explorer 6/7/8 Microsoft Internet Explorer 6 through 8 does not properly restrict web script, which allows user-assisted remote attackers to obtain sensitive information from a different (1) domain or (2) zone via vectors involving a drag-and-drop operation, aka "Drag and Drop Information Disclosure Vulnerability." | 4.3 |
2004-12-31 | CVE-2004-1489 | Exposure of Resource to Wrong Sphere vulnerability in Opera Browser Opera 7.54 and earlier does not properly limit an applet's access to internal Java packages from Sun, which allows remote attackers to gain sensitive information, such as user names and the installation directory. | 2.6 |
2001-11-13 | CVE-2001-0893 | Exposure of Resource to Wrong Sphere vulnerability in Acme Mini Httpd Acme mini_httpd before 1.16 allows remote attackers to view sensitive files under the document root (such as .htpasswd) via a GET request with a trailing /. | 5.0 |
2001-11-13 | CVE-2001-0892 | Exposure of Resource to Wrong Sphere vulnerability in Acme Thttpd Acme Thttpd Secure Webserver before 2.22, with the chroot option enabled, allows remote attackers to view sensitive files under the document root (such as .htpasswd) via a GET request with a trailing /. | 5.0 |