CVE-2019-11931
Summary
| CVE | CVE-2019-11931 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2019-11-14 23:15:00 UTC |
| Updated | 2019-11-19 13:39:00 UTC |
| Description | A stack-based buffer overflow could be triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user. The issue was present in parsing the elementary stream metadata of an MP4 file and could result in a DoS or RCE. This affects Android versions prior to 2.19.274, iOS versions prior to 2.19.100, Enterprise Client versions prior to 2.25.3, Business for Android versions prior to 2.19.104 and Business for iOS versions prior to 2.19.100. |
Risk And Classification
Problem Types: CWE-787
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | All | All | All | All | ||
| Application | All | All | All | All | ||
| Application | All | All | All | All | ||
| Application | All | All | All | All | ||
| Application | All | All | All | All | ||
| Application | Whatsapp Business | All | All | All | All | |
| Application | Whatsapp Business | All | All | All | All | |
| Application | Whatsapp Business | All | All | All | All | |
| Application | Whatsapp Business | All | All | All | All | |
| Application | Whatsapp Enterprise Client | All | All | All | All | |
| Application | Whatsapp Enterprise Client | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| CONFIRM | www.facebook.com | Third Party Advisory | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.