CVE-2006-1494 — Vulnetix

CVE-2006-1494 PUBLISHED

Reported by mitre · Published April 10, 2006

Directory traversal vulnerability in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass open_basedir restrictions allows remote attackers to create files in arbitrary directories via the tempnam function.

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a
n/a	n/a	n/a, n/a, n/a

Exploit Intelligence

http://secunia.com/advisories/19599 (vulncheck-nvd)
http://securityreason.com/achievement_securityalert/36 (vulncheck-nvd)

Timeline

Apr 10, 2006 CVE Published
Feb 4, 2022 EPSS Score
May 20, 2022 EPSS Score
Jul 12, 2022 EPSS Score
Oct 26, 2022 EPSS Score
Dec 18, 2022 EPSS Score
Mar 7, 2023 EPSS Score
Apr 3, 2023 EPSS Score
Jul 17, 2023 EPSS Score
Sep 8, 2023 EPSS Score
Dec 22, 2023 EPSS Score
Feb 13, 2024 EPSS Score

References

21723 third-party-advisoryx_refsource_SECUNIA
x_refsource_CONFIRM
19775 third-party-advisoryx_refsource_SECUNIA
21252 third-party-advisoryx_refsource_SECUNIA
21202 third-party-advisoryx_refsource_SECUNIA
677 third-party-advisoryx_refsource_SREASON
php-tempnam-directory-traversal(25705) vdb-entryx_refsource_XF
ADV-2006-1290 vdb-entryx_refsource_VUPEN
RHSA-2006:0568 vendor-advisoryx_refsource_REDHAT
21135 third-party-advisoryx_refsource_SECUNIA
USN-320-1 vendor-advisoryx_refsource_UBUNTU
20061005 rPSA-2006-0182-1 php php-mysql php-pgsql mailing-listx_refsource_BUGTRAQ
19979 third-party-advisoryx_refsource_SECUNIA
RHSA-2006:0549 vendor-advisoryx_refsource_REDHAT
22225 third-party-advisoryx_refsource_SECUNIA
21125 third-party-advisoryx_refsource_SECUNIA
19599 third-party-advisoryx_refsource_SECUNIA
MDKSA-2006:074 vendor-advisoryx_refsource_MANDRIVA
20060408 tempnam() open_basedir bypass PHP 4.4.2 and 5.1.2 third-party-advisoryx_refsource_SREASONRES
21031 third-party-advisoryx_refsource_SECUNIA

…and 7 more

Open in Interactive Console →