CVE-2006-1608 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2006-1608
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-1608

Description: The copy function in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass safe mode and read arbitrary files via a source argument containing a compress.zlib:// URI.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/25706 UBUNTU http://www.ubuntu.com/usn/usn-320-1 ST 1015882 SREASONRES http://securityreason.com/achievement_securityalert/37 SREASON http://securityreason.com/securityalert/678 SAID Secunia Advisory: SA21125 Secunia Advisory: SA19599 Secunia Advisory: SA19775 OSVDB 24487 MANDRIVA http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:074 CONFIRM http://us.php.net/releases/5_1_3.php BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/441210/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/440869/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/430461/100/0/threaded BID 17439

Return to the previous page.