CVE-2014-5386
CVE-2014-5386 affects Facebook HHVM: the mcrypt_create_iv function in hphp/runtime/ext/mcrypt/ext_mcrypt.cpp does not seed the random number generator before HHVM 3.3.0, which enables remote attackers to defeat cryptographic protections by reusing a single initialization vector. Root cause is lac...