Description

PHP 4.x up to 4.4.4 and PHP 5 up to 5.1.6 allows local users to bypass certain Apache HTTP Server httpd.conf options, such as safe_mode and open_basedir, via the ini_restore function, which resets the values to their php.ini (Master Value) defaults.

Remediation

References

CVE-2006-4625

Related Vulnerabilities

Joomla Other Vulnerability (CVE-2006-3481)

WordPress Plugin Vmax Project Manager Arbitrary File Upload (1.1)

OpenSSL Out-of-bounds Write Vulnerability (CVE-2022-2274)

Oracle JRE CVE-2013-0433 Vulnerability (CVE-2013-0433)

ATutor Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2021-43498)

Severity

Low

Classification

CVE-2006-4625

Tags

Missing Update Known Vulnerabilities