what you don't know can hurt you
Showing 1 - 4 of 4 RSS Feed

CVE-2019-11932

Status Candidate

Overview

A double free vulnerability in the DDGifSlurp function in decoding.c in the android-gif-drawable library before version 1.2.18, as used in WhatsApp for Android before version 2.19.244 and many other Android applications, allows remote attackers to execute arbitrary code or cause a denial of service when the library is used to parse a specially crafted GIF image.

Related Files

WhatsApp Remote Code Execution
Posted Jul 5, 2020
Authored by Ashu Jaiswal

Whitepaper discussing how to leverage the WhatsApp remote code execution vulnerability that takes advantage of a double free vulnerability in the DDGifSlurp function in decoding.c in the android-gif-drawable library.

tags | paper, remote, code execution
advisories | CVE-2019-11932
MD5 | 9970cc4e34af7ebf4899a50eaf2a2bc7
WhatsApp android-gif-drawable Double-Free
Posted Jul 5, 2020
Authored by Ashu Jaiswal | Site github.com

Proof of concept exploit that leverages a double-free in the DDGifSlurp function in decoding.c in the android-gif-drawable library in order to achieve remote code execution in WhatsApp.

tags | exploit, remote, code execution, proof of concept
advisories | CVE-2019-11932
MD5 | 114e0559ea9446171ccf0388c938ad4b
Android-Gif-Drawable Double-Free
Posted Nov 27, 2019
Authored by Marcin Kozlowski

A double free vulnerability in the DDGifSlurp function in decoding.c in libpl_droidsonroids_gif before 1.2.15, as used in WhatsApp for Android before 2.19.244, allows remote attackers to execute arbitrary code or cause a denial of service. CVE-2019-11932 is a vulnerability in the android-gif-drawable library. Yet the CVE text doesn't mention "android-gif-drawable". It only mentions WhatsApp. There could be over 28,400 free Android apps that use this library.

tags | advisory, remote, denial of service, arbitrary
advisories | CVE-2019-11932
MD5 | a6614c2514fa1b374a4aab6d0310003c
Whatsapp 2.19.216 Remote Code Execution
Posted Oct 16, 2019
Authored by Valerio Brussani

Whatsapp version 2.19.216 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2019-11932
MD5 | bb8020ea612d6105eb21db5cad4eec5d
Page 1 of 1
Back1Next

File Archive:

August 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    3 Files
  • 2
    Aug 2nd
    2 Files
  • 3
    Aug 3rd
    32 Files
  • 4
    Aug 4th
    22 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    19 Files
  • 7
    Aug 7th
    6 Files
  • 8
    Aug 8th
    1 Files
  • 9
    Aug 9th
    2 Files
  • 10
    Aug 10th
    27 Files
  • 11
    Aug 11th
    11 Files
  • 12
    Aug 12th
    11 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close