CVE-2019-11932

Related Files

WhatsApp Remote Code Execution

Posted Jul 5, 2020

Authored by Ashu Jaiswal

Whitepaper discussing how to leverage the WhatsApp remote code execution vulnerability that takes advantage of a double free vulnerability in the DDGifSlurp function in decoding.c in the android-gif-drawable library.

tags | paper, remote, code execution

advisories | CVE-2019-11932

MD5 | 9970cc4e34af7ebf4899a50eaf2a2bc7

Download | Favorite | View

WhatsApp android-gif-drawable Double-Free

Posted Jul 5, 2020

Authored by Ashu Jaiswal | Site github.com

Proof of concept exploit that leverages a double-free in the DDGifSlurp function in decoding.c in the android-gif-drawable library in order to achieve remote code execution in WhatsApp.

tags | exploit, remote, code execution, proof of concept

advisories | CVE-2019-11932

MD5 | 114e0559ea9446171ccf0388c938ad4b

Download | Favorite | View

Android-Gif-Drawable Double-Free

Posted Nov 27, 2019

Authored by Marcin Kozlowski

A double free vulnerability in the DDGifSlurp function in decoding.c in libpl_droidsonroids_gif before 1.2.15, as used in WhatsApp for Android before 2.19.244, allows remote attackers to execute arbitrary code or cause a denial of service. CVE-2019-11932 is a vulnerability in the android-gif-drawable library. Yet the CVE text doesn't mention "android-gif-drawable". It only mentions WhatsApp. There could be over 28,400 free Android apps that use this library.

tags | advisory, remote, denial of service, arbitrary

advisories | CVE-2019-11932

MD5 | a6614c2514fa1b374a4aab6d0310003c

Download | Favorite | View

Whatsapp 2.19.216 Remote Code Execution

Posted Oct 16, 2019

Authored by Valerio Brussani

Whatsapp version 2.19.216 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution

advisories | CVE-2019-11932

MD5 | bb8020ea612d6105eb21db5cad4eec5d

Download | Favorite | View