What is CVE-2019-11931?

CVE-2019-11931 is a vulnerability in Facebook Whatsapp Business For Android, classified under Stack-based Buffer Overflow. Published 2019-11-14.

Is CVE-2019-11931 known to be exploited?

6 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Facebook Whatsapp Business For Android

CVE-2019-11931

A stack-based buffer overflow could be triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user. The issue was present in parsing the elementary stream metadata of an MP4 file and could result in a DoS or RCE. This…

Vulnerability class: Buffer Overflow

EPSS: 0.005 (66.1th percentile) — read the EPSS interpretation.

Affected products

Facebook Whatsapp Business For Android — versions 2.19.104, unspecified
Facebook Whatsapp Business For Ios — versions 2.19.100, unspecified
Facebook Whatsapp Enterprise Client — versions 2.25.3, unspecified
Facebook Whatsapp For Android — versions 2.19.274, unspecified
Facebook Whatsapp For Ios — versions 2.19.100, unspecified
Facebook Whatsapp For Windows Phone — versions unspecified

Weakness classification (CWE)

CWE-121 — Stack-based Buffer Overflow

Public proof-of-concept exploits

References

www.facebook.com/security/advisories/cve-2019-11931 (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2019-11931?: CVE-2019-11931 is a vulnerability in Facebook Whatsapp Business For Android, classified under Stack-based Buffer Overflow. Published 2019-11-14.
Is CVE-2019-11931 known to be exploited?: 6 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.