Fred Emmott

6 exploits Active since Dec 2018
CVE-2018-6334 WRITEUP CRITICAL WRITEUP
HHVM <3.25.1-3.21.9 - Info Disclosure
Multipart-file uploads call variables to be improperly registered in the global scope. In cases where variables are not declared explicitly before being used this can lead to unexpected behavior. This affects all supported versions of HHVM prior to the patch (3.25.1, 3.24.5, and 3.21.9 and below).
CVSS 9.8
CVE-2018-6335 WRITEUP HIGH WRITEUP
HHVM < 3.21.10 - Denial of Service via Malformed HTTP/2 Frame
A Malformed h2 frame can cause 'std::out_of_range' exception when parsing priority meta data. This behavior can lead to denial-of-service. This affects all supported versions of HHVM (3.25.2, 3.24.6, and 3.21.10 and below) when using the proxygen server to handle HTTP2 requests.
CVSS 7.5
CVE-2018-6337 WRITEUP HIGH WRITEUP
Facebook Folly 2017.12.11.00-2018.08.09.00 and HHVM 3.26-3.26.3 - Weak Randomness via Forked Process Buffer Reuse
folly::secureRandom will re-use a buffer between parent and child processes when fork() is called. That will result in multiple forked children producing repeat (or similar) results. This affects HHVM 3.26 prior to 3.26.3 and the folly library between v2017.12.11.00 and v2018.08.09.00.
CVSS 7.5
CVE-2018-6337 WRITEUP HIGH WRITEUP
Facebook Folly 2017.12.11.00-2018.08.09.00 and HHVM 3.26-3.26.3 - Weak Randomness via Forked Process Buffer Reuse
folly::secureRandom will re-use a buffer between parent and child processes when fork() is called. That will result in multiple forked children producing repeat (or similar) results. This affects HHVM 3.26 prior to 3.26.3 and the folly library between v2017.12.11.00 and v2018.08.09.00.
CVSS 7.5
CVE-2019-3569 WRITEUP HIGH WRITEUP
HHVM < 3.30.5 and 4.0-4.8 - Unintended FastCGI Interface Binding
HHVM, when used with FastCGI, would bind by default to all available interfaces. This behavior could allow a malicious individual unintended direct access to the application, which could result in information disclosure. This issue affects versions 4.3.0, 4.4.0, 4.5.0, 4.6.0, 4.7.0, 4.8.0, versions 3.30.5 and below, and all versions in the 4.0, 4.1, and 4.2 series.
CVSS 7.5
CVE-2019-3570 WRITEUP CRITICAL WRITEUP
Facebook Hiphop Virtual Machine < 3.30.5 - Out-of-Bounds Write
Call to the scrypt_enc() function in HHVM can lead to heap corruption by using specifically crafted parameters (N, r and p). This happens if the parameters are configurable by an attacker for instance by providing the output of scrypt_enc() in a context where Hack/PHP code would attempt to verify it by re-running scrypt_enc() with the same parameters. This could result in information disclosure, memory being overwriten or crashes of the HHVM process. This issue affects versions 4.3.0, 4.4.0, 4.5.0, 4.6.0, 4.7.0, 4.8.0, versions 3.30.5 and below, and all versions in the 4.0, 4.1, and 4.2 series.
CVSS 9.8