CVE Vulnerabilities

CVE-2006-4481

Published: Aug 31, 2006 | Modified: Oct 30, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.2 HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

The (1) file_exists and (2) imap_reopen functions in PHP before 5.1.5 do not check for the safe_mode and open_basedir settings, which allows local users to bypass the settings. NOTE: the error_log function is covered by CVE-2006-3011, and the imap_open function is covered by CVE-2006-1017.

Affected Software

Name Vendor Start Version End Version
Php Php 5.1.2 5.1.2
Php Php 5.1.1 5.1.1
Php Php 5.1.4 5.1.4
Php Php 5.1.0 5.1.0

References