NuytsTech Security

CVE-2006-4625

by ·

PHP 4.x up to 4.4.4 and PHP 5 up to 5.1.6 allows local users to bypass certain Apache HTTP Server httpd.conf options, such as safe_mode and open_basedir, via the ini_restore function, which resets the values to their php.ini (Master Value) defaults.

Date published : 2006-09-12

http://www.securityfocus.com/bid/19933

http://www.securityfocus.com/archive/1/445712/100/0/threaded

Tags: