CVE-2019-11931 vulnerability in WhatsApp Products
Published on November 14, 2019
A stack-based buffer overflow could be triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user. The issue was present in parsing the elementary stream metadata of an MP4 file and could result in a DoS or RCE. This affects Android versions prior to 2.19.274, iOS versions prior to 2.19.100, Enterprise Client versions prior to 2.25.3, Business for Android versions prior to 2.19.104 and Business for iOS versions prior to 2.19.100.
Weakness Type
What is a Stack Overflow Vulnerability?
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
CVE-2019-11931 has been classified to as a Stack Overflow vulnerability or weakness.
Products Associated with CVE-2019-11931
Want to know whenever a new CVE is published for WhatsApp products? stack.watch will email you.
Affected Versions
Facebook WhatsApp for Android:- Version 2.19.274 is affected.
- Version unspecified and below 2.19.274 is affected.
- Version 2.19.100 is affected.
- Version unspecified and below 2.19.100 is affected.
- Version unspecified, <= 2.18.368 is affected.
- Version 2.25.3 is affected.
- Version unspecified and below 2.25.3 is affected.
- Version 2.19.104 is affected.
- Version unspecified and below 2.19.104 is affected.
- Version 2.19.100 is affected.
- Version unspecified and below 2.19.100 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.