Security News > 2019 > November > WhatsApp RCE flaw can be exploited by sending malicious MP4 files

WhatsApp RCE flaw can be exploited by sending malicious MP4 files
2019-11-18 14:20

Facebook has patched a critical vulnerability (CVE-2019-11931) affecting various versions of its popular WhatsApp Messenger app and is urging users to update as soon as possible. About the patched flaw (CVE-2019-11931) CVE-2019-11931 is a stack-based buffer overflow vulnerability that could be triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user. “The issue was present in parsing the elementary stream metadata of an MP4 file and could result in a DoS … More → The post WhatsApp RCE flaw can be exploited by sending malicious MP4 files appeared first on Help Net Security.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/h6jV30b_jqk/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2019-11-14 CVE-2019-11931 Out-of-bounds Write vulnerability in Whatsapp
A stack-based buffer overflow could be triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user.
local
low complexity
whatsapp CWE-787
7.8
7.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Whatsapp 5 1 11 13 16 41