Description

The copy function in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass safe mode and read arbitrary files via a source argument containing a compress.zlib:// URI.

Remediation

References

CVE-2006-1608

Related Vulnerabilities

WordPress Plugin YITH WooCommerce Subscription Security Bypass (1.3.4)

Apache HTTP Server Other Vulnerability (CVE-2006-4154)

Drupal Data Processing Errors Vulnerability (CVE-2017-6920)

XWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-46242)

WordPress Plugin WP Plugin Manager (WPPM) Cross-Site Scripting (1.6.4.b)

Severity

Low

Classification

CVE-2006-1608

Tags

Missing Update Known Vulnerabilities