Published: 14/11/2019 Updated: 19/11/2019

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 606

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

A stack-based buffer overflow could be triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user. The issue was present in parsing the elementary stream metadata of an MP4 file and could result in a DoS or RCE. This affects Android versions before 2.19.274, iOS versions before 2.19.100, Enterprise Client versions before 2.25.3, Business for Android versions before 2.19.104 and Business for iOS versions before 2.19.100.

Vulnerable Product	Search on Vulmon	Subscribe to Product
whatsapp whatsapp
whatsapp whatsapp business
whatsapp whatsapp enterprise client

Who honestly has a crown prince in their threat model? UN report officially fingers Saudi royal as Bezos hacker

The Register • Kieren McCarthy in San Francisco • 22 Jan 2020

Rapporteurs call for investigation, technical security report leaks Pecker-checker Becker's hacker wrecker: Saudi cyber-crew stole Bezos's sexts from phone, fed them to tabloid – claim

The Crown Prince of Saudi Arabia, Mohammad bin Salman, has been officially fingered as the man responsible for hacking Amazon CEO Jeff Bezos’s iPhone X, causing a massive stir in diplomatic circles. Following a report yesterday that Bezos’s smartphone had been compromised by a malware-poisoned video sent directly by bin Salman to Bezos through WhatsApp, on Wednesday two UN special rapporteurs named the head of the oil state as the source of digital spyware, and called for an “immediate inv...

CVE-2019-11931

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect