Index: branches/2.8.x/CHANGELOG
===================================================================
--- branches/2.8.x/CHANGELOG	(revision 2139)
+++ branches/2.8.x/CHANGELOG	(revision 2140)
@@ -10,6 +10,8 @@
 # = Bugfix
 ! = Update/Change
 ===============================================================================
+13 Dec -2015 Build 2140 Manuela v.d.Decken(DarkViper)
+# class SecureTokens::addToken() fixed integer overflow problem on 32bit platforms
 10 Dec -2015 Build 2139 Manuela v.d.Decken(DarkViper)
 # class SecureTokens: ::buildFingerprint() fixed server identification an add protection of file SecureTokens.php
 05 Nov -2015 Build 2138 Manuela v.d.Decken(DarkViper)
Index: branches/2.8.x/wb/admin/interface/version.php
===================================================================
--- branches/2.8.x/wb/admin/interface/version.php	(revision 2139)
+++ branches/2.8.x/wb/admin/interface/version.php	(revision 2140)
@@ -51,5 +51,5 @@
 
 // check if defined to avoid errors during installation (redirect to admin panel fails if PHP error/warnings are enabled)
 if(!defined('VERSION')) define('VERSION', '2.8.4');
-if(!defined('REVISION')) define('REVISION', '2139');
+if(!defined('REVISION')) define('REVISION', '2140');
 if(!defined('SP')) define('SP', '');
Index: branches/2.8.x/wb/framework/SecureTokens.php
===================================================================
--- branches/2.8.x/wb/framework/SecureTokens.php	(revision 2139)
+++ branches/2.8.x/wb/framework/SecureTokens.php	(revision 2140)
@@ -337,11 +337,22 @@
  */
     private function addToken($sTokenName, $sValue)
     {
-        $sTokenName = substr($sTokenName, 0, 16);
+        // limit TokenName to 16 digits
+        $sTokenName = substr(str_pad($sTokenName, 16, '0', STR_PAD_LEFT), -16);
+        // make sure, first digit is a alpha char [a-f]
         $sTokenName[0] = dechex(10 + (hexdec($sTokenName[0]) % 5));
+        // loop as long the generated TokenName already exists in list
         while (isset($this->aTokens[$sTokenName])) {
-            $sTokenName = sprintf('%16x', hexdec($sTokenName)+1);
+            // split TokenName into 4 words
+            $aWords = str_split($sTokenName, 4);
+            // get lowest word and increment it
+            $iWord = hexdec($aWords[3]) + 1;
+            // reformat integer into a 4 digit hex string
+            $aWords[3] = sprintf('%04x', ($iWord > 0xffff ? 1 : $iWord));
+            // rebuild the TokenName
+            $sTokenName = implode('', $aWords);
         }
+        // store Token in list
         $this->aTokens[$sTokenName] = array(
             'value'    => $sValue,
             'expire'   => $this->iExpireTime,