CVE-2006-1017 in PHPinformazioni

Riassunto

di MITRE

The c-client library 2000, 2001, or 2004 for PHP before 4.4.4 and 5.x before 5.1.5 do not check the (1) safe_mode or (2) open_basedir functions, and when used in applications that accept user-controlled input for the mailbox argument to the imap_open function, allow remote attackers to obtain access to an IMAP stream data structure and conduct unauthorized IMAP actions.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Prenotare

06/03/2006

Divulgazione

06/03/2006

Moderazione

accettato

Voce

VDB-2465

CPE

pronto

CWE

CWE-119 (confermato)

CVSS

7.3 (VulDB)

EPSS

0.03032

KEV

Attività

molto basso

Settore

Insurance, Finance, ...

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2006-1017
NVD	https://nvd.nist.gov/vuln/detail/CVE-2006-1017
CVE Details	https://www.cvedetails.com/cve/CVE-2006-1017/

◂ Precedente Visione D'ensemble Il prossimo ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!