PHP 'mysqli_real_escape_string()' Function Integer Overflow Vulnerability
BID:104972
Info
PHP 'mysqli_real_escape_string()' Function Integer Overflow Vulnerability
| Bugtraq ID: | 104972 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2017-9120 |
| Remote: | Yes |
| Local: | No |
| Published: | Jun 20 2018 12:00AM |
| Updated: | Jun 20 2018 12:00AM |
| Credit: | Whitehat002 |
| Vulnerable: |
PHP PHP 7.1.5 PHP PHP 7.1.4 PHP PHP 7.1.1 PHP PHP 7.1 PHP PHP 7.0.31 PHP PHP 7.0.30 PHP PHP 7.0.29 PHP PHP 7.0.27 PHP PHP 7.0.26 PHP PHP 7.0.25 PHP PHP 7.0.22 PHP PHP 7.0.21 PHP PHP 7.0.17 PHP PHP 7.0.16 PHP PHP 7.0.15 PHP PHP 7.0.14 PHP PHP 7.0.12 PHP PHP 7.0.5 PHP PHP 7.0.3 PHP PHP 7.0 PHP PHP 7.1.3 PHP PHP 7.1 PHP PHP 7.0.9 PHP PHP 7.0.8 PHP PHP 7.0.7 PHP PHP 7.0.6 PHP PHP 7.0.4 PHP PHP 7.0.2 PHP PHP 7.0.13 PHP PHP 7.0.11 PHP PHP 7.0.10 PHP PHP 7.0.1 PHP PHP 7.0 |
| Not Vulnerable: | |
Exploit / POC
PHP 'mysqli_real_escape_string()' Function Integer Overflow Vulnerability
The researcher who discovered this issue has created a proof-of-concept. Please see the references for more information.
The researcher who discovered this issue has created a proof-of-concept. Please see the references for more information.
Solution / Fix
PHP 'mysqli_real_escape_string()' Function Integer Overflow Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.