[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250039

 
 

909

 
 

195882

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2006-4481Date: (C)2006-08-31   (M)2023-12-22


The (1) file_exists and (2) imap_reopen functions in PHP before 5.1.5 do not check for the safe_mode and open_basedir settings, which allows local users to bypass the settings. NOTE: the error_log function is covered by CVE-2006-3011, and the imap_open function is covered by CVE-2006-1017.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.2
Exploit Score: 3.9
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
BID-19582
SECUNIA-21546
SECUNIA-21768
SECUNIA-21842
SECUNIA-22039
ADV-2006-3318
MDKSA-2006:162
SUSE-SA:2006:052
USN-342-1
http://www.php.net/release_5_1_5.php

CPE    5
cpe:/a:php:php:5.1.4
cpe:/a:php:php:5.1.0
cpe:/a:php:php:5.1
cpe:/a:php:php:5.1.1
...

© SecPod Technologies