Vulnerabilities

CVE-2006-4481

by Fred · 31/08/2006

The (1) file_exists and (2) imap_reopen functions in PHP before 5.1.5 do not check for the safe_mode and open_basedir settings, which allows local users to bypass the settings. NOTE: the error_log function is covered by CVE-2006-3011, and the imap_open function is covered by CVE-2006-1017.

Date published : 2006-08-31

http://www.securityfocus.com/bid/19582

http://www.php.net/release_5_1_5.php

Related

Tags: Cybersecurity Alert