The copy function in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass safe mode and read arbitrary files via a source argument containing a compress.zlib:// URI.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 00:09
Type | Values Removed | Values Added |
---|---|---|
References | () http://secunia.com/advisories/19599 - Exploit, Patch, Vendor Advisory | |
References | () http://secunia.com/advisories/19775 - | |
References | () http://secunia.com/advisories/21125 - | |
References | () http://securityreason.com/achievement_securityalert/37 - Exploit, Patch | |
References | () http://securityreason.com/securityalert/678 - | |
References | () http://securitytracker.com/id?1015882 - | |
References | () http://us.php.net/releases/5_1_3.php - | |
References | () http://www.mandriva.com/security/advisories?name=MDKSA-2006:074 - | |
References | () http://www.osvdb.org/24487 - | |
References | () http://www.securityfocus.com/archive/1/430461/100/0/threaded - | |
References | () http://www.securityfocus.com/archive/1/440869/100/0/threaded - | |
References | () http://www.securityfocus.com/archive/1/441210/100/0/threaded - | |
References | () http://www.securityfocus.com/bid/17439 - | |
References | () http://www.ubuntu.com/usn/usn-320-1 - | |
References | () http://www.vupen.com/english/advisories/2006/1290 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/25706 - |
Information
Published : 2006-04-10 19:02
Updated : 2024-11-21 00:09
NVD link : CVE-2006-1608
Mitre link : CVE-2006-1608
CVE.ORG link : CVE-2006-1608
JSON object : View
Products Affected
php
- php
CWE