Vulnerability Description
The stripos function in PHP before 5.1.5 has unknown impact and attack vectors related to an out-of-bounds read.
CVSS Score
10.0
HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Php | Php | 5.1.0 |
References
- http://rhn.redhat.com/errata/RHSA-2006-0688.html
- http://secunia.com/advisories/21546PatchVendor Advisory
- http://secunia.com/advisories/21842
- http://secunia.com/advisories/22331
- http://secunia.com/advisories/22538
- http://securitytracker.com/id?1016984
- http://support.avaya.com/elmodocs2/security/ASA-2006-223.htm
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:162
- http://www.php.net/release_5_1_5.phpPatch
- http://www.securityfocus.com/bid/19582
- http://www.ubuntu.com/usn/usn-362-1
- http://www.vupen.com/english/advisories/2006/3318
- http://rhn.redhat.com/errata/RHSA-2006-0688.html
- http://secunia.com/advisories/21546PatchVendor Advisory
- http://secunia.com/advisories/21842
FAQ
What is CVE-2006-4485?
CVE-2006-4485 is a vulnerability with a CVSS score of 10.0 (HIGH). The stripos function in PHP before 5.1.5 has unknown impact and attack vectors related to an out-of-bounds read.
How severe is CVE-2006-4485?
CVE-2006-4485 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-4485?
Check the references section above for vendor advisories and patch information. Affected products include: Php Php.