Whitepaper discussing how to leverage the WhatsApp remote code execution vulnerability that takes advantage of a double free vulnerability in the DDGifSlurp function in decoding.c in the android-gif-drawable library.
9970cc4e34af7ebf4899a50eaf2a2bc7
Proof of concept exploit that leverages a double-free in the DDGifSlurp function in decoding.c in the android-gif-drawable library in order to achieve remote code execution in WhatsApp.
114e0559ea9446171ccf0388c938ad4b
A double free vulnerability in the DDGifSlurp function in decoding.c in libpl_droidsonroids_gif before 1.2.15, as used in WhatsApp for Android before 2.19.244, allows remote attackers to execute arbitrary code or cause a denial of service. CVE-2019-11932 is a vulnerability in the android-gif-drawable library. Yet the CVE text doesn't mention "android-gif-drawable". It only mentions WhatsApp. There could be over 28,400 free Android apps that use this library.
a6614c2514fa1b374a4aab6d0310003c
Whatsapp version 2.19.216 suffers from a remote code execution vulnerability.
bb8020ea612d6105eb21db5cad4eec5d