CVE-2019-11931

A stack-based buffer overflow could be triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user. The issue was present in parsing the elementary stream metadata of an MP4 file and could result in a DoS or RCE. This affects Android versions prior to 2.19.274, iOS versions prior to 2.19.100, Enterprise Client versions prior to 2.25.3, Business for Android versions prior to 2.19.104 and Business for iOS versions prior to 2.19.100.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:whatsapp:whatsapp:*:*:*:*:*:windows:*:*
cpe:2.3:a:whatsapp:whatsapp:*:*:*:*:*:iphone_os:*:*
cpe:2.3:a:whatsapp:whatsapp:*:*:*:*:*:android:*:*
cpe:2.3:a:whatsapp:whatsapp_business:*:*:*:*:*:iphone_os:*:*
cpe:2.3:a:whatsapp:whatsapp_business:*:*:*:*:*:android:*:*
cpe:2.3:a:whatsapp:whatsapp_enterprise_client:*:*:*:*:*:*:*:*

History

21 Nov 2024, 04:22

Type Values Removed Values Added
References () https://www.facebook.com/security/advisories/cve-2019-11931 - Third Party Advisory () https://www.facebook.com/security/advisories/cve-2019-11931 - Third Party Advisory

Information

Published : 2019-11-14 23:15

Updated : 2024-11-21 04:22


NVD link : CVE-2019-11931

Mitre link : CVE-2019-11931

CVE.ORG link : CVE-2019-11931


JSON object : View

Products Affected

whatsapp

  • whatsapp
  • whatsapp_business
  • whatsapp_enterprise_client
CWE
CWE-121

Stack-based Buffer Overflow

CWE-787

Out-of-bounds Write