Facebook Discloses Vulnerability in WhatsApp Messaging Software
Facebook has disclosed the existence of a vulnerability leading to remote code execution attacks in WhatsApp messaging software.
According to a ZDnet report, the company said in a security advisory that the WhatsApp bug, tracked as CVE-2019-11931, is a stack-based buffer overflow issue which can be triggered by attackers sending crafted .MP4 video files to victims. In addition, Facebook said that the problem was caused by how the encrypted messaging app parses .MP4 elementary stream metadata that if exploited, the vulnerability can lead to denial-of-service (DoS) or remote code execution (RCE) attacks. There are not many technical details available, notes the report.