CVE-2020-1907
N/A
N/A
Summary
A stack overflow in WhatsApp for Android prior to v2.20.196.16, WhatsApp Business for Android prior to v2.20.196.12, WhatsApp for iOS prior to v2.20.90, WhatsApp Business for iOS prior to v2.20.90, and WhatsApp for Portal prior to v173.0.0.29.505 could have allowed arbitrary code execution when parsing the contents of an RTP Extension header.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| WhatsApp for Android | 2.20.196.16 | affected | |
| WhatsApp for Android | unspecified < 2.20.196.16 | affected | |
| WhatsApp Business for Android | 2.20.196.12 | affected | |
| WhatsApp Business for Android | unspecified < 2.20.196.12 | affected | |
| WhatsApp for iOS | 2.20.90 | affected | |
| WhatsApp for iOS | unspecified < 2.20.90 | affected | |
| WhatsApp Business for iOS | 2.20.90 | affected | |
| WhatsApp Business for iOS | unspecified < 2.20.90 | affected | |
| WhatsApp for Portal | 173.0.0.29.505 | affected | |
| WhatsApp for Portal | unspecified < 173.0.0.29.505 | affected |
Weaknesses
- CWE-787: CWE-787: Out-of-bounds Write
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.