what you don't know can hurt you
Showing 1 - 4 of 4 RSS Feed

CVE-2019-11932

Status Candidate

Overview

A double free vulnerability in the DDGifSlurp function in decoding.c in the android-gif-drawable library before version 1.2.18, as used in WhatsApp for Android before version 2.19.244 and many other Android applications, allows remote attackers to execute arbitrary code or cause a denial of service when the library is used to parse a specially crafted GIF image.

Related Files

WhatsApp Remote Code Execution
Posted Jul 5, 2020
Authored by Ashu Jaiswal

Whitepaper discussing how to leverage the WhatsApp remote code execution vulnerability that takes advantage of a double free vulnerability in the DDGifSlurp function in decoding.c in the android-gif-drawable library.

tags | paper, remote, code execution
advisories | CVE-2019-11932
MD5 | 9970cc4e34af7ebf4899a50eaf2a2bc7
WhatsApp android-gif-drawable Double-Free
Posted Jul 5, 2020
Authored by Ashu Jaiswal | Site github.com

Proof of concept exploit that leverages a double-free in the DDGifSlurp function in decoding.c in the android-gif-drawable library in order to achieve remote code execution in WhatsApp.

tags | exploit, remote, code execution, proof of concept
advisories | CVE-2019-11932
MD5 | 114e0559ea9446171ccf0388c938ad4b
Android-Gif-Drawable Double-Free
Posted Nov 27, 2019
Authored by Marcin Kozlowski

A double free vulnerability in the DDGifSlurp function in decoding.c in libpl_droidsonroids_gif before 1.2.15, as used in WhatsApp for Android before 2.19.244, allows remote attackers to execute arbitrary code or cause a denial of service. CVE-2019-11932 is a vulnerability in the android-gif-drawable library. Yet the CVE text doesn't mention "android-gif-drawable". It only mentions WhatsApp. There could be over 28,400 free Android apps that use this library.

tags | advisory, remote, denial of service, arbitrary
advisories | CVE-2019-11932
MD5 | a6614c2514fa1b374a4aab6d0310003c
Whatsapp 2.19.216 Remote Code Execution
Posted Oct 16, 2019
Authored by Valerio Brussani

Whatsapp version 2.19.216 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2019-11932
MD5 | bb8020ea612d6105eb21db5cad4eec5d
Page 1 of 1
Back1Next

File Archive:

October 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    25 Files
  • 2
    Oct 2nd
    13 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    1 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    15 Files
  • 7
    Oct 7th
    15 Files
  • 8
    Oct 8th
    11 Files
  • 9
    Oct 9th
    3 Files
  • 10
    Oct 10th
    1 Files
  • 11
    Oct 11th
    1 Files
  • 12
    Oct 12th
    8 Files
  • 13
    Oct 13th
    12 Files
  • 14
    Oct 14th
    23 Files
  • 15
    Oct 15th
    4 Files
  • 16
    Oct 16th
    13 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    1 Files
  • 19
    Oct 19th
    27 Files
  • 20
    Oct 20th
    41 Files
  • 21
    Oct 21st
    18 Files
  • 22
    Oct 22nd
    16 Files
  • 23
    Oct 23rd
    2 Files
  • 24
    Oct 24th
    1 Files
  • 25
    Oct 25th
    1 Files
  • 26
    Oct 26th
    17 Files
  • 27
    Oct 27th
    19 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close