← Back to CVEs
CVE-2006-7204
N/ADescription
The imap_body function in PHP before 4.4.4 does not implement safemode or open_basedir checks, which allows local users to read arbitrary files or list arbitrary directory contents.
CVE Details
CVSS v3.1 ScoreN/A
Published5/22/2007
Last Modified4/9/2025
Sourcenvd
Honeypot Sightings0
Affected Products
php:php
References
http://bugs.php.net/bug.php?id=37265(cve@mitre.org)
http://secunia.com/advisories/21546(cve@mitre.org)
http://us2.php.net/ChangeLog-4.php#4.4.4(cve@mitre.org)
http://www.osvdb.org/28005(cve@mitre.org)
http://bugs.php.net/bug.php?id=37265(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/21546(af854a3a-2127-422b-91ae-364da2661108)
http://us2.php.net/ChangeLog-4.php#4.4.4(af854a3a-2127-422b-91ae-364da2661108)
http://www.osvdb.org/28005(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.