Vulnerabilities > CVE-2016-1000006 - Use After Free vulnerability in Facebook Hhvm
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
hhvm before 3.12.11 has a use-after-free in the serialize_memoize_param() and ResourceBundle::__construct() functions.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-1000006.html
- https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-1000006.html
- https://security-tracker.debian.org/tracker/CVE-2016-1000006
- https://security-tracker.debian.org/tracker/CVE-2016-1000006
- https://www.mail-archive.com/debian-devel-changes%40lists.debian.org/msg506329.html
- https://www.mail-archive.com/debian-devel-changes%40lists.debian.org/msg506329.html