Buffer overflow in Facebook Whatsapp Business For Ios

CVE-2018-20655

When receiving calls using WhatsApp for iOS, a missing size check when parsing a sender-provided packet allowed for a stack-based overflow. This issue affects WhatsApp for iOS prior to v2.18.90.24 and WhatsApp Business for iOS prior to v2…

Vulnerability class: Buffer Overflow

EPSS: 0.013 (79.9th percentile) — read the EPSS interpretation.

Affected products

Facebook Whatsapp Business For Ios — versions 2.18.90.24, unspecified
Facebook Whatsapp For Ios — versions 2.18.90.24, unspecified

Weakness classification (CWE)

CWE-121 — Stack-based Buffer Overflow

References

www.facebook.com/security/advisories/cve-2018-20655/ (x_refsource_MISC)
108805 (vdb-entry, x_refsource_BID)