vcodec2_hls_filter in libvoipCodec_v7a.so in the WeChat application up to and including 7.0.3 for Android allows malicious users to cause a denial of service (application crash) by replacing an emoji file (under the /sdcard/tencent/MicroMsg directory) with a crafted .wxgf file. The content of the replacement must be derived from the phone's IMEI. The crash occurs upon receiving a message that contains the replaced emoji.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
tencent wechat |