Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The mcrypt_create_iv function in hphp/runtime/ext/mcrypt/ext_mcrypt.cpp in Facebook HipHop Virtual Machine (HHVM) before 3.3.0 does not seed the random number generator, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging the use of a single initialization vector.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Facebook HipHop Virtual Machine 加密问题漏洞
Vulnerability Description
Facebook HipHop Virtual Machine(HHVM)是美国Facebook公司的一款能够显著提高PHP加载动态页面性能的虚拟机。 Facebook HHVM 3.2.0及之前版本的hphp/runtime/ext/mcrypt/ext_mcrypt.cpp文件中的‘mcrypt_create_iv’函数存在安全漏洞,该漏洞源于程序没有为随机数生成器分配种子。远程攻击者可利用该漏洞破坏加密保护机制。
CVSS Information
N/A
Vulnerability Type
N/A