PRIOn knowledge basePRION:CVE-2006-1608

HistoryApr 10, 2006 - 7:02 p.m.

Design/Logic Flaw

2006-04-1019:02:00

PRIOn knowledge base

www.prio-n.com

6.4 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

0.4%

JSON

The copy function in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass safe mode and read arbitrary files via a source argument containing a compress.zlib:// URI.

CPENameOperatorVersion
phpeq4.3.9
phpeq4.0 beta1
phpeq5.1.2
phpeq4.0 beta4
phpeq4.2.0
phpeq5.1.1
phpeq5.0.0 beta1
phpeq4.1.0
phpeq4.3.4
phpeq4.0.4

Name	Operator	Version
php	eq	4.3.9
php	eq	4.0 beta1
php	eq	5.1.2
php	eq	4.0 beta4
php	eq	4.2.0
php	eq	5.1.1
php	eq	5.0.0 beta1
php	eq	4.1.0
php	eq	4.3.4
php	eq	4.0.4

Rows per page:

1-10 of 651

References

secunia.com/advisories/19599

secunia.com/advisories/19775

secunia.com/advisories/21125

securityreason.com/achievement_securityalert/37

securityreason.com/securityalert/678

securitytracker.com/id?1015882

us.php.net/releases/5_1_3.php

www.mandriva.com/security/advisories?name=MDKSA-2006:074

www.osvdb.org/24487

www.securityfocus.com/archive/1/430461/100/0/threaded

www.securityfocus.com/archive/1/440869/100/0/threaded

www.securityfocus.com/archive/1/441210/100/0/threaded

www.securityfocus.com/bid/17439

www.ubuntu.com/usn/usn-320-1

www.vupen.com/english/advisories/2006/1290

exchange.xforce.ibmcloud.com/vulnerabilities/25706

6.4 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

0.4%

JSON

Related for PRION:CVE-2006-1608