CVE-2014-6228

Integer overflow in the string_chunk_split function in hphp/runtime/base/zend-string.cpp in Facebook HipHop Virtual Machine (HHVM) before 3.3.0 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted arguments to the chunk_split function.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 63%
VendorProductVersion
facebookhiphop_virtual_machine
𝑥
≤ 3.2.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/facebook/hhvm/commit/1f91e076a585118495b976a413c1df40f6fd3d41
https://github.com/facebook/hhvm/commit/1f91e076a585118495b976a413c1df40f6fd3d41