CVE-2016-6873
critical
CVSS v3
9.8
CVSS v2
7.5
VIR risk
9.8
Description
Self recursion in compact in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors.
Predictions
Exploit likelihood
97%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: cve@mitre.org — https://github.com/facebook/hhvm/commit/e264f04ae825a5d97758130cf8eec99862517e7e
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| hhvm | {"endIncluding":"3.14.5"} | |
References
- http://www.openwall.com/lists/oss-security/2016/08/11/1
- http://www.openwall.com/lists/oss-security/2016/08/19/1
- https://github.com/facebook/hhvm/commit/e264f04ae825a5d97758130cf8eec99862517e7e
- http://www.openwall.com/lists/oss-security/2016/08/11/1
- http://www.openwall.com/lists/oss-security/2016/08/19/1
- https://github.com/facebook/hhvm/commit/e264f04ae825a5d97758130cf8eec99862517e7e
Verify integrity in audit chain (admin only). AS-IS.