Lucene search

[email protected]NVD:CVE-2006-1608

HistoryApr 10, 2006 - 7:02 p.m.

CVE-2006-1608

2006-04-1019:02:00

[email protected]

web.nvd.nist.gov

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

6.2 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

0.4%

JSON

The copy function in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass safe mode and read arbitrary files via a source argument containing a compress.zlib:// URI.

Affected configurations

NVD

Node

phpphpMatch4.0

phpphpMatch4.0beta_4_patch1

phpphpMatch4.0beta1

phpphpMatch4.0beta2

phpphpMatch4.0beta3

phpphpMatch4.0beta4

phpphpMatch4.0rc1

phpphpMatch4.0rc2

phpphpMatch4.0.0

phpphpMatch4.0.1

phpphpMatch4.0.1patch1

phpphpMatch4.0.1patch2

phpphpMatch4.0.2

phpphpMatch4.0.3

phpphpMatch4.0.3patch1

phpphpMatch4.0.4

phpphpMatch4.0.4patch1

phpphpMatch4.0.5

phpphpMatch4.0.6

phpphpMatch4.0.7

phpphpMatch4.0.7rc1

phpphpMatch4.0.7rc2

phpphpMatch4.0.7rc3

phpphpMatch4.1.0

phpphpMatch4.1.1

phpphpMatch4.1.2

phpphpMatch4.2dev

phpphpMatch4.2.0

phpphpMatch4.2.1

phpphpMatch4.2.2

phpphpMatch4.2.3

phpphpMatch4.3.0

phpphpMatch4.3.1

phpphpMatch4.3.2

phpphpMatch4.3.3

phpphpMatch4.3.4

phpphpMatch4.3.5

phpphpMatch4.3.6

phpphpMatch4.3.7

phpphpMatch4.3.8

phpphpMatch4.3.9

phpphpMatch4.3.10

phpphpMatch4.3.11

phpphpMatch4.4.0

phpphpMatch4.4.1

phpphpMatch4.4.2

phpphpMatch5.0rc1

phpphpMatch5.0rc2

phpphpMatch5.0rc3

phpphpMatch5.0.0

phpphpMatch5.0.0beta1

phpphpMatch5.0.0beta2

phpphpMatch5.0.0beta3

phpphpMatch5.0.0beta4

phpphpMatch5.0.0rc1

phpphpMatch5.0.0rc2

phpphpMatch5.0.0rc3

phpphpMatch5.0.1

phpphpMatch5.0.2

phpphpMatch5.0.3

phpphpMatch5.0.4

phpphpMatch5.0.5

phpphpMatch5.1.0

phpphpMatch5.1.1

phpphpMatch5.1.2

References

secunia.com/advisories/19599

secunia.com/advisories/19775

secunia.com/advisories/21125

securityreason.com/achievement_securityalert/37

securityreason.com/securityalert/678

securitytracker.com/id?1015882

us.php.net/releases/5_1_3.php

www.mandriva.com/security/advisories?name=MDKSA-2006:074

www.osvdb.org/24487

www.securityfocus.com/archive/1/430461/100/0/threaded

www.securityfocus.com/archive/1/440869/100/0/threaded

www.securityfocus.com/archive/1/441210/100/0/threaded

www.securityfocus.com/bid/17439

www.ubuntu.com/usn/usn-320-1

www.vupen.com/english/advisories/2006/1290

exchange.xforce.ibmcloud.com/vulnerabilities/25706

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

6.2 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

0.4%

JSON

Related for NVD:CVE-2006-1608

cvelist1 securityvulns1 cve1 redhatcve1 ubuntucve1 prion1 nessus3 openvas1 ubuntu1