CVE-2020-1917— Katy Voor HHVM 缓冲区错误漏洞

N/A

xbuf_format_converter, used as part of exif_read_data, was appending a terminating null character to the generated string, but was not using its standard append char function. As a result, if the buffer was full, it would result in an out-of-bounds write. This issue affects HHVM versions prior to 4.56.3, all versions between 4.57.0 and 4.80.1, all versions between 4.81.0 and 4.93.1, and versions 4.94.0, 4.95.0, 4.96.0, 4.97.0, 4.98.0.

N/A

堆缓冲区溢出

Katy Voor HHVM 缓冲区错误漏洞

Katy Voor HHVM是 （Katy Voor）开源的一个应用软件。提供一个开放源代码的虚拟机，旨在执行用Hack编写的程序。 HHVM 存在安全漏洞，该漏洞源于如果缓冲区已满，将导致写入越界。以下产品及版本受到影响：HHVM versions prior to 4.56.3, all versions between 4.57.0 and 4.80.1, all versions between 4.81.0 and 4.93.1, and versions 4.94.0, 4.95.0, 4.9

N/A

N/A