Description

The copy function in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass safe mode and read arbitrary files via a source argument containing a compress.zlib:// URI.

Remediation

References

CVE-2006-1608

Related Vulnerabilities

Internet Information Services Other Vulnerability (CVE-2002-0364)

Envoy Proxy Integer Overflow or Wraparound Vulnerability (CVE-2021-28682)

PostgreSQL Resource Management Errors Vulnerability (CVE-2012-2655)

WordPress Plugin WordPress Comments Import & Export CSV Injection (2.0.4)

WordPress Plugin Blogstand Banner Cross-Site Scripting (1.0)

Severity

Low

Classification

CVE-2006-1608

Tags

Missing Update Known Vulnerabilities