CVE-2016-6870
Out-of-bounds write in the (1) mb_detect_encoding, (2) mb_send_mail, and (3) mb_detect_order functions in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors.
Date published : 2017-02-17
https://github.com/facebook/hhvm/commit/365abe807cab2d60dc9ec307292a06181f77a9c2