Lucene search
Ubuntu.comUB:CVE-2006-4483HistoryAug 31, 2006 - 12:00 a.m.
CVE-2006-4483
2006-08-3100:00:00
ubuntu.com
ubuntu.com
18
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
0.022
Percentile
89.6%
The cURL extension files (1) ext/curl/interface.c and (2)
ext/curl/streams.c in PHP before 5.1.5 permit the CURLOPT_FOLLOWLOCATION
option when open_basedir or safe_mode is enabled, which allows attackers to
perform unauthorized actions, possibly related to the realpath cache.
Notes
| Author | Note |
|---|---|
| kees | safe-mode bypass is not supported |
Related
nvd
nvd
CVE-2006-4483
2006-08-31 21:04:00
cve
cve
CVE-2006-4483
2006-08-31 21:04:00
cvelist
cvelist
CVE-2006-4483
2006-08-31 21:00:00
openvas
openvas
FreeBSD Ports: php4, php5
2008-09-04 00:00:00
FreeBSD Ports: php4, php5
2008-09-04 00:00:00
PHP 5.1.x < 5.1.5 Multiple Vulnerabilities
2020-08-17 00:00:00
nessus
nessus
SUSE-SA:2006:052: php4,php5
2007-02-18 00:00:00
PHP 5.1.x < 5.1.5 Multiple Vulnerabilities
2011-11-18 00:00:00
freebsd
freebsd
php -- multiple vulnerabilities
2006-08-18 00:00:00
suse
suse
remote code execution in php4,php5
2006-09-21 10:05:51
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
0.022
Percentile
89.6%
Related for UB:CVE-2006-4483