Vulnerability Description
Integer overflow in memory allocation routines in PHP before 5.1.6, when running on a 64-bit system, allows context-dependent attackers to bypass the memory_limit restriction.
CVSS Score
2.6
LOW
AV:N/AC:H/Au:N/C:N/I:P/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Php | Php | 5.1.0 |
Related Weaknesses (CWE)
References
- ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc
- http://rhn.redhat.com/errata/RHSA-2006-0688.html
- http://secunia.com/advisories/21546Vendor Advisory
- http://secunia.com/advisories/22004Vendor Advisory
- http://secunia.com/advisories/22069Vendor Advisory
- http://secunia.com/advisories/22225Vendor Advisory
- http://secunia.com/advisories/22331Vendor Advisory
- http://secunia.com/advisories/22440Vendor Advisory
- http://secunia.com/advisories/22487Vendor Advisory
- http://secunia.com/advisories/22538Vendor Advisory
- http://secunia.com/advisories/25945Vendor Advisory
- http://securitytracker.com/id?1016984
- http://support.avaya.com/elmodocs2/security/ASA-2006-221.htm
- http://support.avaya.com/elmodocs2/security/ASA-2006-222.htm
- http://support.avaya.com/elmodocs2/security/ASA-2006-223.htm
FAQ
What is CVE-2006-4486?
CVE-2006-4486 is a vulnerability with a CVSS score of 2.6 (LOW). Integer overflow in memory allocation routines in PHP before 5.1.6, when running on a 64-bit system, allows context-dependent attackers to bypass the memory_limit restriction.
How severe is CVE-2006-4486?
CVE-2006-4486 has been rated LOW with a CVSS base score of 2.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-4486?
Check the references section above for vendor advisories and patch information. Affected products include: Php Php.