Unrated severityNVD Advisory· Published Aug 31, 2006· Updated Jun 16, 2026
CVE-2006-4483
CVE-2006-4483
Description
The cURL extension files (1) ext/curl/interface.c and (2) ext/curl/streams.c in PHP before 5.1.5 permit the CURLOPT_FOLLOWLOCATION option when open_basedir or safe_mode is enabled, which allows attackers to perform unauthorized actions, possibly related to the realpath cache.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3Patches
Vulnerability mechanics
References
14- cvs.php.net/viewcvs.cgi/php-src/ext/curl/interface.cnvdBroken LinkPatch
- cvs.php.net/viewcvs.cgi/php-src/ext/curl/interface.cnvdBroken LinkPatch
- cvs.php.net/viewvc.cgi/php-src/ext/curl/streams.cnvdBroken LinkPatch
- secunia.com/advisories/21546nvdNot ApplicablePatchVendor Advisory
- www.php.net/release_5_1_5.phpnvdPatchRelease NotesVendor Advisory
- securitytracker.com/idnvdBroken LinkThird Party AdvisoryVDB Entry
- www.php.net/ChangeLog-5.phpnvdRelease NotesVendor Advisory
- www.securityfocus.com/archive/1/492671/100/0/threadednvdThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/19582nvdThird Party AdvisoryVDB Entry
- secunia.com/advisories/22039nvdNot Applicable
- secunia.com/advisories/30411nvdNot Applicable
- wiki.rpath.com/wiki/Advisories:rPSA-2008-0178nvdBroken Link
- www.novell.com/linux/security/advisories/2006_52_php.htmlnvdBroken Link
- www.vupen.com/english/advisories/2006/3318nvdPermissions Required
News mentions
0No linked articles in our index yet.