WhatsApp fixes bug that would have let hackers exploit devices using MP4 files

WhatsApp has fixed a vulnerability involving malicious MP4 video files that could potentially allow an attacker to remotely access messages and files stored in the app. The flaw — identified as CVE-2019-11931 — made it possible for attackers to send a specially crafted MP4 file to remotely execute malicious code on the victim’s device without any intervention. In an advisory posted on its site, Facebook said: A stack-based buffer overflow could be triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user. The issue was present in parsing the elementary stream metadata of an MP4 file…

This story continues at The Next Web

Or just read more coverage about: WhatsApp

source https://thenextweb.com/security/2019/11/18/whatsapp-fixes-bug-that-would-have-let-hackers-exploit-devices-using-mp4-files/