3 matches found
CVE-2009-3017
CVE-2009-3017 concerns Orca Browser 1.2 build 5. The issue is an improper handling of data: URIs and javascript: URIs in HTTP headers (Refresh and Location) and in 302 error documents, enabling cross-site scripting (XSS) via multiple header/URL vectors. The connected documents corroborate user-as...
Apache 2.0 - Full Path Disclosure
Apache 2.0 - Full Path Disclosure source: https://www.securityfocus.com/bid/5485/info A path disclosure vulnerability has been reported in Apache 2.0.x. It is possible to reproduce this condition on vulnerable systems by making a request for certain types of files such as error documents that hav...
Apache Httpd < 2.0.40 : Path revealing exposures
A path-revealing exposure was present in multiview type map negotiation such as the default error documents where a module would report the full path of the typemapped .var file when multiple documents or no documents could be served. Additionally a path-revealing exposure in cgi/cgid when Apache...