CVE-2017-9120: Integer Overflow

Reference Links

• https://www.cve.org/CVERecord?id=CVE-2017-9120 https://nvd.nist.gov/vuln/detail/CVE-2017-9120
• https://bugzilla.redhat.com/show_bug.cgi?id=1611898
• https://access.redhat.com/errata/RHSA-2019:2519
• https://access.redhat.com/security/cve/cve-2017-9120
• https://bugs.php.net/bug.php?id=74544
• https://security.netapp.com/advisory/ntap-20181107-0003/
• https://launchpad.net/bugs/cve/CVE-2017-9120
• https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1614880
• https://bugs.php.net/patch-display.php?bug_id=74544&patch=bug74544.diff&revision=1500891082&download=1
• https://wiki.php.net/security
• https://security-tracker.debian.org/tracker/CVE-2017-9120
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9120
• https://nvd.nist.gov/vuln/detail/CVE-2017-9120
• https://ubuntu.com/security/CVE-2017-9120

Parent vulnerabilities

(Appears in the following advisories)

• RHSA-2019:2519

Frequently Asked Questions

• What is CVE-2017-9120?

  CVE-2017-9120 is a vulnerability in PHP 7.x through 7.1.5 that allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long string.

• What is the severity of CVE-2017-9120?

  The severity of CVE-2017-9120 is critical with a severity score of 9.8.

• Which software versions are affected by CVE-2017-9120?

  PHP versions 7.x through 7.1.5 are affected by CVE-2017-9120.

• How can I fix CVE-2017-9120?

  To fix CVE-2017-9120, update PHP to a version higher than 7.1.5.

• Where can I find more information about CVE-2017-9120?

  You can find more information about CVE-2017-9120 at the following references: [link1](https://bugs.php.net/bug.php?id=74544), [link2](https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1614880), [link3](https://bugs.php.net/patch-display.php?bug_id=74544&patch=bug74544.diff&revision=1500891082&download=1)