CVE-2020-1903

Summary

An issue when unzipping docx, pptx, and xlsx documents in WhatsApp for iOS prior to v2.20.61 and WhatsApp Business for iOS prior to v2.20.61 could have resulted in an out-of-memory denial of service. This issue would have required the receiver to explicitly open the attachment if it was received from a number not in the receiver's WhatsApp contacts.

Affected Software

VendorProductVersion RangeStatus
FacebookWhatsApp for iOS2.20.61affected
FacebookWhatsApp for iOSunspecified < 2.20.61affected
FacebookWhatsApp Business for iOS2.20.61affected
FacebookWhatsApp Business for iOSunspecified < 2.20.61affected

Weaknesses

  • CWE-400: CWE-400: Uncontrolled Resource Consumption

ADP Enrichment

CVE Program Container

Additional References

References