CVE-2006-7204

Name of the Vulnerable Software and Affected Versions PHP versions prior to 4.4.4

Description The issue concerns the imap body function, which does not implement safemode or open basedir checks. This allows local users to read arbitrary files or list arbitrary directory contents.

Recommendations For versions prior to 4.4.4, update to version 4.4.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the imap body function until a patch is available.