Lucene search

PRIOn knowledge basePRION:CVE-2006-1017

HistoryMar 07, 2006 - 12:02 a.m.

Design/Logic Flaw

2006-03-0700:02:00

PRIOn knowledge base

www.prio-n.com

6.7 Medium

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.13 Low

EPSS

Percentile

95.4%

JSON

The c-client library 2000, 2001, or 2004 for PHP before 4.4.4 and 5.x before 5.1.5 do not check the (1) safe_mode or (2) open_basedir functions, and when used in applications that accept user-controlled input for the mailbox argument to the imap_open function, allow remote attackers to obtain access to an IMAP stream data structure and conduct unauthorized IMAP actions.

CPENameOperatorVersion
phpeq4.3.9
phpeq3.0
phpeq3.0.5
phpeq3.0.11
phpeq5.1.2
phpeq4.2.0
phpeq5.1.1
phpeq3.0.1
phpeq3.0.2
phpeq5.0.0 beta1

Name	Operator	Version
php	eq	4.3.9
php	eq	3.0
php	eq	3.0.5
php	eq	3.0.11
php	eq	5.1.2
php	eq	4.2.0
php	eq	5.1.1
php	eq	3.0.1
php	eq	3.0.2
php	eq	5.0.0 beta1

Rows per page:

1-10 of 781

References

bugs.php.net/bug.php?id=37265

secunia.com/advisories/18694

secunia.com/advisories/21050

secunia.com/advisories/21546

securityreason.com/securityalert/516

www.mandriva.com/security/advisories?name=MDKSA-2006:122

www.osvdb.org/23535

www.php.net/ChangeLog-5.php

www.php.net/release_5_1_5.php

www.securityfocus.com/archive/1/426339/100/0/threaded

www.vupen.com/english/advisories/2006/0772

exchange.xforce.ibmcloud.com/vulnerabilities/24964

6.7 Medium

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.13 Low

EPSS

Percentile

95.4%

JSON

Related for PRION:CVE-2006-1017