CVE-2006-4625

Published: 12 September 2006

PHP 4.x up to 4.4.4 and PHP 5 up to 5.1.6 allows local users to bypass certain Apache HTTP Server httpd.conf options, such as safe_mode and open_basedir, via the ini_restore function, which resets the values to their php.ini (Master Value) defaults.

Priority

Unknown

Status

Package Release Status
php5
Launchpad, Ubuntu, Debian
Upstream Needs triage