Lucene search

[email protected]NVD:CVE-2006-1494

HistoryApr 10, 2006 - 7:02 p.m.

CVE-2006-1494

2006-04-1019:02:00

[email protected]

web.nvd.nist.gov

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

6.4 Medium

AI Score

Confidence

Low

0.025 Low

EPSS

Percentile

90.2%

JSON

Directory traversal vulnerability in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass open_basedir restrictions allows remote attackers to create files in arbitrary directories via the tempnam function.

Affected configurations

NVD

Node

phpphpMatch4.0

phpphpMatch4.0beta_4_patch1

phpphpMatch4.0beta1

phpphpMatch4.0beta2

phpphpMatch4.0beta3

phpphpMatch4.0beta4

phpphpMatch4.0rc1

phpphpMatch4.0rc2

phpphpMatch4.0.0

phpphpMatch4.0.1

phpphpMatch4.0.1patch1

phpphpMatch4.0.1patch2

phpphpMatch4.0.2

phpphpMatch4.0.3

phpphpMatch4.0.3patch1

phpphpMatch4.0.4

phpphpMatch4.0.4patch1

phpphpMatch4.0.5

phpphpMatch4.0.6

phpphpMatch4.0.7

phpphpMatch4.0.7rc1

phpphpMatch4.0.7rc2

phpphpMatch4.0.7rc3

phpphpMatch4.1.0

phpphpMatch4.1.1

phpphpMatch4.1.2

phpphpMatch4.2dev

phpphpMatch4.2.0

phpphpMatch4.2.1

phpphpMatch4.2.2

phpphpMatch4.2.3

phpphpMatch4.3.0

phpphpMatch4.3.1

phpphpMatch4.3.2

phpphpMatch4.3.3

phpphpMatch4.3.4

phpphpMatch4.3.5

phpphpMatch4.3.6

phpphpMatch4.3.7

phpphpMatch4.3.8

phpphpMatch4.3.9

phpphpMatch4.3.10

phpphpMatch4.3.11

phpphpMatch4.4.0

phpphpMatch4.4.1

phpphpMatch4.4.2

phpphpMatch5.0rc1

phpphpMatch5.0rc2

phpphpMatch5.0rc3

phpphpMatch5.0.0

phpphpMatch5.0.0beta1

phpphpMatch5.0.0beta2

phpphpMatch5.0.0beta3

phpphpMatch5.0.0beta4

phpphpMatch5.0.0rc1

phpphpMatch5.0.0rc2

phpphpMatch5.0.0rc3

phpphpMatch5.0.1

phpphpMatch5.0.2

phpphpMatch5.0.3

phpphpMatch5.0.4

phpphpMatch5.0.5

phpphpMatch5.1.0

phpphpMatch5.1.1

phpphpMatch5.1.2

References

ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U

rhn.redhat.com/errata/RHSA-2006-0549.html

secunia.com/advisories/19599

secunia.com/advisories/19775

secunia.com/advisories/19979

secunia.com/advisories/21031

secunia.com/advisories/21125

secunia.com/advisories/21135

secunia.com/advisories/21202

secunia.com/advisories/21252

secunia.com/advisories/21723

secunia.com/advisories/22225

securityreason.com/achievement_securityalert/36

securityreason.com/securityalert/677

securitytracker.com/id?1015881

support.avaya.com/elmodocs2/security/ASA-2006-175.htm

www.mandriva.com/security/advisories?name=MDKSA-2006:074

www.novell.com/linux/security/advisories/05-05-2006.html

www.redhat.com/support/errata/RHSA-2006-0567.html

www.redhat.com/support/errata/RHSA-2006-0568.html

www.securityfocus.com/archive/1/447866/100/0/threaded

www.securityfocus.com/bid/17439

www.ubuntu.com/usn/usn-320-1

www.vupen.com/english/advisories/2006/1290

exchange.xforce.ibmcloud.com/vulnerabilities/25705

issues.rpath.com/browse/RPL-683

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10196

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

6.4 Medium

AI Score

Confidence

Low

0.025 Low

EPSS

Percentile

90.2%

JSON

Related for NVD:CVE-2006-1494

cvelist2 prion1 ubuntucve2 cve2 securityvulns1 nvd1 redhatcve1 nessus8 centos2 redhat2 suse1 ubuntu1 openvas1