PT-2020-15160 · Whatsapp · Whatsapp Business For Android+1

Published

2020-10-06

Updated

2020-10-13

CVE-2020-1906

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions WhatsApp for Android versions prior to 2.20.130 WhatsApp Business for Android versions prior to 2.20.46

Description A buffer overflow could occur when processing malformed local videos with E-AC-3 audio streams, potentially allowing an out-of-bounds write.

Recommendations For WhatsApp for Android versions prior to 2.20.130, update to version 2.20.130 or later. For WhatsApp Business for Android versions prior to 2.20.46, update to version 2.20.46 or later.

Fix

Heap Based Buffer Overflow

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-122CWE-787

Related Identifiers

CVE-2020-1906

Affected Products

Whatsapp Business For Android

Whatsapp For Android

PT-2020-15160 · Whatsapp · Whatsapp Business For Android+1

CVE-2020-1906

Weakness Enumeration

Related Identifiers

Affected Products

References · 3