CVE-2014-2208
The vulnerability CVE-2014-2208 affects Facebook HHVM prior to version 2.4.2. A CRLF injection in the LightProcess protocol implementation (hphp/util/light-process.cpp) allows remote attackers to cause arbitrary command execution by injecting a newline character before the end of a string. Affect...