CVE-2006-1608

NameCVE-2006-1608
DescriptionThe copy function in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass safe mode and read arbitrary files via a source argument containing a compress.zlib:// URI.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
NVD severitylow
Debian Bugs361856, 361915

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
php4source(unstable)4:4.4.4-1unimportant361856
php5source(unstable)5.1.4-0.1unimportant361915

Notes

Safe mode violations not supported

Search for package or bug name: Reporting problems