CVE-2018-6344
Summary
| CVE | CVE-2018-6344 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2018-12-31 22:29:00 UTC |
| Updated | 2020-09-18 16:51:00 UTC |
| Description | A heap corruption in WhatsApp can be caused by a malformed RTP packet being sent after a call is established. The vulnerability can be used to cause denial of service. It affects WhatsApp for Android prior to v2.18.293, WhatsApp for iOS prior to v2.18.93, and WhatsApp for Windows Phone prior to v2.18.172. |
Risk And Classification
Problem Types: CWE-787
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | All | All | All | All | ||
| Application | All | All | All | All | ||
| Application | All | All | All | All | ||
| Application | All | All | All | All | ||
| Application | All | All | All | All | ||
| Application | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Project Zero: Adventures in Video Conferencing Part 3: The Even Wilder World of WhatsApp | MISC | googleprojectzero.blogspot.com | Exploit, Third Party Advisory |
| WhatsApp CVE-2018-6344 Denial of Service Vulnerability | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.