CVE-2019-3568

🗓️ 14 May 2019 19:52:40Reported by facebookType

Buffer overflow in WhatsApp VOIP stack allows remote code execution via specially crafted RTCP packet

Reporter	Title	Published	Views	Family All 35
ATTACKERKB	CVE-2019-3568	14 May 201900:00	–	attackerkb
Tenable Nessus	Android Buffer Overflow in WhatsApp (CVE-2019-3568)	8 Mar 202400:00	–	nessus
BDU FSTEC	The vulnerability of the WhatsApp messaging and video call application, related to the execution of operations outside the buffer, allows a perpetrator to execute arbitrary code.	12 Nov 202100:00	–	bdu_fstec
Circl	CVE-2019-3568	14 May 201903:05	–	circl
CISA KEV Catalog	WhatsApp VOIP Stack Buffer Overflow Vulnerability	19 Apr 202200:00	–	cisa_kev
CISA	Facebook Releases Security Advisory for WhatsApp	14 May 201900:00	–	cisa
CNVD	Facebook WhatsApp Buffer Overflow Vulnerability	14 May 201900:00	–	cnvd
CVE	CVE-2019-3568	14 May 201919:52	–	cve
FireEye	Zero-Day Exploitation Increasingly Demonstrates Access to Money, Rather than Skill — Intelligence for Vulnerability Management, Part One	6 Apr 202000:00	–	fireeye
GoogleProjectZero	TFW you-get-really-excited-you-patch-diffed-a-0day-used-in-the-wild-but-then-find-out-it-is-the-wrong-vuln	2 Apr 202000:00	–	googleprojectzero

[
  {
    "product": "WhatsApp for Android",
    "vendor": "Facebook",
    "versions": [
      {
        "status": "affected",
        "version": "2.19.134"
      },
      {
        "lessThan": "2.19.134",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "WhatsApp Business for Android",
    "vendor": "Facebook",
    "versions": [
      {
        "status": "affected",
        "version": "2.19.44"
      },
      {
        "lessThan": "2.19.134",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "WhatsApp for iOS",
    "vendor": "Facebook",
    "versions": [
      {
        "status": "affected",
        "version": "2.19.51"
      },
      {
        "lessThan": "2.19.51",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "WhatsApp Business for iOS",
    "vendor": "Facebook",
    "versions": [
      {
        "status": "affected",
        "version": "2.19.51"
      },
      {
        "lessThan": "2.19.51",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "WhatsApp for Windows Phone",
    "vendor": "Facebook",
    "versions": [
      {
        "status": "affected",
        "version": "2.18.348"
      },
      {
        "lessThan": "2.18.348",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "WhatsApp for Tizen",
    "vendor": "Facebook",
    "versions": [
      {
        "status": "affected",
        "version": "2.18.15"
      },
      {
        "lessThan": "2.18.15",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
facebook	www.facebook.com/security/advisories/cve-2019-3568
securityfocus	www.securityfocus.com/bid/108329

13 Aug 2019 20:57Current

9.5High risk

Vulners AI Score9.5

EPSS0.47368

CWE-122