Advertisement
Top
image credit: Pixabay

WhatsApp Vulnerability Allows Code Execution Via Malicious MP4 File

November 18, 2019

Via: Security Week
Category:

A security vulnerability in WhatsApp that was made public last week could be abused to execute arbitrary code remotely on affected devices.

Tracked as CVE-2019-11931, the issue is a stack-based buffer overflow that can be triggered by sending a specially crafted MP4 file via WhatsApp, Facebook explains in an advisory.

The buffer overflow occurs when the application parses the elementary stream metadata of an MP4 file. An attacker could target the security bug to trigger a denial of service (DoS) or to execute code remotely.

Read More on Security Week

RELATED PUBLICATIONS

Dangerous ICS Malware Targets Orgs in Russia and Ukraine
Ukrainian Blackjack group used ICS malware Fuxnet against Russian targets
TA547 targets German organizations with Rhadamanthys malware

Latest Publications

The importance of the Vulnerability Operations Centre for cybersecurity
Hackers Exploit OpenMetadata Flaws to Mine Crypto on Kubernetes
FIN7 targeted a large U.S. carmaker with phishing attacks
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!