Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2006-4481
Deferred
More InfoOfficial Page
Source-cve@mitre.org
View Known Exploited Vulnerability (KEV) details
Published At-31 Aug, 2006 | 21:04
Updated At-03 Apr, 2025 | 01:03

The (1) file_exists and (2) imap_reopen functions in PHP before 5.1.5 do not check for the safe_mode and open_basedir settings, which allows local users to bypass the settings. NOTE: the error_log function is covered by CVE-2006-3011, and the imap_open function is covered by CVE-2006-1017.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.07.2HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
The PHP Group
php
>>php>>5.1.0
cpe:2.3:a:php:php:5.1.0:*:*:*:*:*:*:*
The PHP Group
php
>>php>>5.1.1
cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:*
The PHP Group
php
>>php>>5.1.2
cpe:2.3:a:php:php:5.1.2:*:*:*:*:*:*:*
The PHP Group
php
>>php>>5.1.4
cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
Organization : Red Hat
Last Modified : 2006-09-20T00:00:00

We do not consider these to be security issues. For more details see http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=169857#c1 and http://www.php.net/security-note.php

References
HyperlinkSourceResource
http://secunia.com/advisories/21546cve@mitre.org
Patch
Vendor Advisory
http://secunia.com/advisories/21768cve@mitre.org
Patch
Vendor Advisory
http://secunia.com/advisories/21842cve@mitre.org
Patch
Vendor Advisory
http://secunia.com/advisories/22039cve@mitre.org
N/A
http://www.mandriva.com/security/advisories?name=MDKSA-2006:162cve@mitre.org
N/A
http://www.novell.com/linux/security/advisories/2006_52_php.htmlcve@mitre.org
N/A
http://www.php.net/release_5_1_5.phpcve@mitre.org
Patch
http://www.securityfocus.com/bid/19582cve@mitre.org
N/A
http://www.ubuntu.com/usn/usn-342-1cve@mitre.org
N/A
http://www.vupen.com/english/advisories/2006/3318cve@mitre.org
N/A
http://secunia.com/advisories/21546af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://secunia.com/advisories/21768af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://secunia.com/advisories/21842af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://secunia.com/advisories/22039af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.mandriva.com/security/advisories?name=MDKSA-2006:162af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.novell.com/linux/security/advisories/2006_52_php.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.php.net/release_5_1_5.phpaf854a3a-2127-422b-91ae-364da2661108
Patch
http://www.securityfocus.com/bid/19582af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ubuntu.com/usn/usn-342-1af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2006/3318af854a3a-2127-422b-91ae-364da2661108
N/A
Change History
0Changes found
Details not found