Security Advisory

CVE-2014-5386

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2014-12-28 15:00:00

Last updated 2024-08-06 11:41:49

Assigner mitre

State PUBLISHED

Description

The mcrypt_create_iv function in hphp/runtime/ext/mcrypt/ext_mcrypt.cpp in Facebook HipHop Virtual Machine (HHVM) before 3.3.0 does not seed the random number generator, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging the use of a single initialization vector.

← Browse all CVEs View on cve.org ↗