CVE-2006-2563

Published: 29/05/2006 Updated: 20/07/2017
CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9
VMScore: 187
Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

The cURL library (libcurl) in PHP 4.4.2 and 5.1.4 allows malicious users to bypass safe mode and read files via a file:// request containing null characters.

php php 4.4.2

php php 5.1.4

Vendor Advisories

The phpinfo() PHP function did not properly sanitize long strings. A remote attacker could use this to perform cross-site scripting attacks against sites that have publicly-available PHP scripts that call phpinfo(). Please note that it is not recommended to publicly expose phpinfo() (CVE-2006-0996) ...
Debian Bug report logs - #382256 php5: CVE-2006-4020: arbitrary code execution in php Package: php5; Maintainer for php5 is Debian PHP Maintainers <pkg-php-maint@listsaliothdebianorg>; Source for php5 is src:php5 (PTS, buildd, popcon) Reported by: Stefan Fritsch <sf@sfritschde> Date: Wed, 9 Aug 2006 19:18:18 UTC ...
Debian Bug report logs - #382259 PHP 4.4.3 and 4.4.4 fix security bugs (CVE-2006-301[67], et al) Package: php4; Maintainer for php4 is (unknown); Reported by: Stefan Fritsch <sf@sfritschde> Date: Wed, 9 Aug 2006 20:03:02 UTC Severity: grave Tags: fixed, fixed-upstream, security, upstream Done: Ondřej Surý <ondrej ...
Debian Bug report logs - #370165 php5-curl: [CVE-2006-2563] PHP cURL Safe_Mode Bypass Vulnerability Package: php5-curl; Maintainer for php5-curl is Debian PHP Maintainers <pkg-php-maint@listsaliothdebianorg>; Source for php5-curl is src:php5 (PTS, buildd, popcon) Reported by: SALVETTI Djoume <djoume@taketorg> Dat ...