2 matches found
CVE-2014-6229
The HashContext class in hphp/runtime/ext/exthash.cpp in Facebook HipHop Virtual Machine HHVM before 3.3.0 incorrectly expects that a certain key string uses '\0' for termination, which allows remote attackers to obtain sensitive information by leveraging read access beyond the end of the string,...
CVE-2014-6229
CVE-2014-6229 affects Facebook HHVM prior to 3.3.0. The HashContext class in hphp/runtime/ext/ext_hash.cpp improperly assumes a key string terminator as '\0', enabling read access beyond end of string and potentially truncation of an internal '\0' character. Impact is information disclosure and w...