Description

The copy function in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass safe mode and read arbitrary files via a source argument containing a compress.zlib:// URI.

Remediation

References

CVE-2006-1608

Related Vulnerabilities

WordPress 4.6.x PHP Object Injection (4.6 - 4.6.20)

WordPress Plugin Contact Form Submissions SQL Injection (1.6.4)

WordPress Plugin ThirstyAffiliates Affiliate Link Manager Cross-Site Scripting (3.9.2)

Jboss EAP CVE-2013-1896 Vulnerability (CVE-2013-1896)

Zope Web Application Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2023-41050)

Severity

Low

Classification

CVE-2006-1608

Tags

Missing Update Known Vulnerabilities