{ "schema_version": "1.4.0", "id": "GHSA-7mhv-mg92-qx3w", "modified": "2022-05-01T07:04:41Z", "published": "2022-05-01T07:04:41Z", "aliases": [ "CVE-2006-3011" ], "details": "The error_log function in basic_functions.c in PHP before 4.4.4 and 5.x before 5.1.5 allows local users to bypass safe mode and open_basedir restrictions via a \"php://\" or other scheme in the third argument, which disables safe mode.", "severity": [], "affected": [], "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-3011" }, { "type": "WEB", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27414" }, { "type": "WEB", "url": "http://cvs.php.net/viewvc.cgi/php-src/ext/standard/basic_functions.c?diff_format=u&view=log&pathrev=PHP_4_4" }, { "type": "WEB", "url": "http://cvs.php.net/viewvc.cgi/php-src/ext/standard/basic_functions.c?r1=1.543.2.51.2.9&r2=1.543.2.51.2.10&pathrev=PHP_4_4&diff_format=u" }, { "type": "WEB", "url": "http://secunia.com/advisories/20818" }, { "type": "WEB", "url": "http://secunia.com/advisories/21050" }, { "type": "WEB", "url": "http://secunia.com/advisories/21125" }, { "type": "WEB", "url": "http://secunia.com/advisories/21546" }, { "type": "WEB", "url": "http://securityreason.com/achievement_securityalert/41" }, { "type": "WEB", "url": "http://securityreason.com/securityalert/1129" }, { "type": "WEB", "url": "http://securitytracker.com/id?1016377" }, { "type": "WEB", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:122" }, { "type": "WEB", "url": "http://www.osvdb.org/26827" }, { "type": "WEB", "url": "http://www.php.net/release_5_1_5.php" }, { "type": "WEB", "url": "http://www.securityfocus.com/bid/18645" }, { "type": "WEB", "url": "http://www.ubuntu.com/usn/usn-320-1" }, { "type": "WEB", "url": "http://www.vupen.com/english/advisories/2006/2523" } ], "database_specific": { "cwe_ids": [], "severity": "MODERATE", "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2006-06-26T21:05:00Z" } }