Описание
A heap corruption in WhatsApp can be caused by a malformed RTP packet being sent after a call is established. The vulnerability can be used to cause denial of service. It affects WhatsApp for Android prior to v2.18.293, WhatsApp for iOS prior to v2.18.93, and WhatsApp for Windows Phone prior to v2.18.172.
Ссылки
- Third Party AdvisoryVDB Entry
- ExploitThird Party Advisory
- Third Party AdvisoryVDB Entry
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.18.93 (исключая)Версия до 2.18.172 (исключая)Версия до 2.18.293 (исключая)
Одно из
cpe:2.3:a:whatsapp:whatsapp:*:*:*:*:*:iphone_os:*:*
cpe:2.3:a:whatsapp:whatsapp:*:*:*:*:*:windows_phone:*:*
cpe:2.3:a:whatsapp:whatsapp:*:*:*:*:*:android:*:*
EPSS
Процентиль: 68%
0.00555
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-122
CWE-787
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
A heap corruption in WhatsApp can be caused by a malformed RTP packet being sent after a call is established. The vulnerability can be used to cause denial of service. It affects WhatsApp for Android prior to v2.18.293, WhatsApp for iOS prior to v2.18.93, and WhatsApp for Windows Phone prior to v2.18.172.
EPSS
Процентиль: 68%
0.00555
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-122
CWE-787