CVE-2014-2208
EUVD-2014-224828.12.2014, 15:59
CRLF injection vulnerability in the LightProcess protocol implementation in hphp/util/light-process.cpp in Facebook HipHop Virtual Machine (HHVM) before 2.4.2 allows remote attackers to execute arbitrary commands by entering a \n (newline) character before the end of a string.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| hiphop_virtual_machine | 𝑥 ≤ 2.4.1 |
𝑥
= Vulnerable software versions