CVE-2019-11931

Published: Nov 14, 2019

Modified: Aug 4, 2024

PUBLISHED

Description

A stack-based buffer overflow could be triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user. The issue was present in parsing the elementary stream metadata of an MP4 file and could result in a DoS or RCE. This affects Android versions prior to 2.19.274, iOS versions prior to 2.19.100, Enterprise Client versions prior to 2.25.3, Business for Android versions prior to 2.19.104 and Business for iOS versions prior to 2.19.100.

Vendor	Product	Versions
Facebook	WhatsApp for Android	affected `2.19.274` affected `unspecified - < 2.19.274`
Facebook	WhatsApp for iOS	affected `2.19.100` affected `unspecified - < 2.19.100`
Facebook	WhatsApp for Windows Phone	affected `unspecified - <= 2.18.368`
Facebook	WhatsApp Enterprise Client	affected `2.25.3` affected `unspecified - < 2.25.3`
Facebook	WhatsApp Business for Android	affected `2.19.104` affected `unspecified - < 2.19.104`
Facebook	WhatsApp Business for iOS	affected `2.19.100` affected `unspecified - < 2.19.100`

Weaknesses (CWE)

CWE-121

References

https://www.facebook.com/security/advisories/cve-2019-11931

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2019-11931

Description

Affected Products

Weaknesses (CWE)

References