Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2017-9120: PHP :: Bug #74544 :: Integer overflow in mysqli_real_escape_string()

PHP 7.x through 7.1.5 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a long string because of an Integer overflow in mysqli_real_escape_string.

CVE
#sql#dos#git#php#buffer_overflow

Bug #74544

Integer overflow in mysqli_real_escape_string()

Submitted:

2017-05-05 04:31 UTC

Modified:

2021-08-09 10:49 UTC

Votes:

3

Avg. Score:

3.7 ± 1.9

Reproduced:

1 of 2 (50.0%)

Same Version:

1 (100.0%)

Same OS:

1 (100.0%)

From:

whitehat002 at hotmail dot com

Assigned:

cmb (profile)

Status:

Closed

Package:

MySQLi related

PHP Version:

7.1.5

OS:

Private report:

No

CVE-ID:

None

Patchesbug74544.diff (last revision 2017-07-24 10:11 UTC by johannes at schlueters dot de)

Add a Patch

Pull Requests

Add a Pull Request

History

AllChangesGit/SVN commits

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907