CyberSec.Space Logo
CVEブラウザに戻る

CVE-2018-6349

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1780%
EPSS Percentile7.64th
Published2019年6月14日
Last Modified2025年9月3日

Vulnerability Description

When receiving calls using WhatsApp for Android, a missing size check when parsing a sender-provided packet allowed for a stack-based overflow. This issue affects WhatsApp for Android prior to 2.18.248 and WhatsApp Business for Android prior to 2.18.132.

Affected Platforms (CPE)

📦
Whatsapp

Whatsapp

< 2.18.248
📦
Whatsapp

Whatsapp Business

< 2.18.132

References & Advisories

🔗 http://www.securityfocus.com/bid/108804
🔗 https://www.facebook.com/security/advisories/cve-2018-6349/
🔗 http://www.securityfocus.com/bid/108804
🔗 https://www.facebook.com/security/advisories/cve-2018-6349/

関連する脆弱性情報

CVE-2020-188910.0

A security feature bypass issue in WhatsApp Desktop versions prior to v0.3.4932 could have allowed for sandbox escape in Electron ...

CVE-2018-63399.8

When receiving calls using WhatsApp on Android, a stack allocation failed to properly account for the amount of data being passed ...

CVE-2018-63509.8

An out-of-bounds read was possible in WhatsApp due to incorrect parsing of RTP extension headers. This issue affects WhatsApp for ...

CVE-2018-206559.8

When receiving calls using WhatsApp for iOS, a missing size check when parsing a sender-provided packet allowed for a stack-based ...