Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-6228

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2014-6228
Last Modified 30 Dec 2014 10:34:11
Published 28 Dec 2014 10:59:03
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2014-6228

Summary

Integer overflow in the string_chunk_split function in hphp/runtime/base/zend-string.cpp in Facebook HipHop Virtual Machine (HHVM) before 3.3.0 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted arguments to the chunk_split function.

Vulnerable Systems

Application

  • Facebook Hiphop Virtual Machine 3.2.0


References

CONFIRM - https://github.com/facebook/hhvm/commit/1f91e076a585118495b976a413c1df40f6fd3d41


Last Updated: 27 May 2016 11:07:23