CVE-2020-1907 (GCVE-0-2020-1907)
Vulnerability from cvelistv5 – Published: 2020-10-06 17:35 – Updated: 2024-08-04 06:53
VLAI?
Summary
A stack overflow in WhatsApp for Android prior to v2.20.196.16, WhatsApp Business for Android prior to v2.20.196.12, WhatsApp for iOS prior to v2.20.90, WhatsApp Business for iOS prior to v2.20.90, and WhatsApp for Portal prior to v173.0.0.29.505 could have allowed arbitrary code execution when parsing the contents of an RTP Extension header.
Severity ?
No CVSS data available.
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WhatsApp for Android |
Affected:
2.20.196.16
Affected: unspecified , < 2.20.196.16 (custom) |
|||||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:53:59.972Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.whatsapp.com/security/advisories/2020/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WhatsApp for Android",
"vendor": "Facebook",
"versions": [
{
"status": "affected",
"version": "2.20.196.16"
},
{
"lessThan": "2.20.196.16",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "WhatsApp Business for Android",
"vendor": "Facebook",
"versions": [
{
"status": "affected",
"version": "2.20.196.12"
},
{
"lessThan": "2.20.196.12",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "WhatsApp for iOS",
"vendor": "Facebook",
"versions": [
{
"status": "affected",
"version": "2.20.90"
},
{
"lessThan": "2.20.90",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "WhatsApp Business for iOS",
"vendor": "Facebook",
"versions": [
{
"status": "affected",
"version": "2.20.90"
},
{
"lessThan": "2.20.90",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "WhatsApp for Portal",
"vendor": "Facebook",
"versions": [
{
"status": "affected",
"version": "173.0.0.29.505"
},
{
"lessThan": "173.0.0.29.505",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"dateAssigned": "2020-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A stack overflow in WhatsApp for Android prior to v2.20.196.16, WhatsApp Business for Android prior to v2.20.196.12, WhatsApp for iOS prior to v2.20.90, WhatsApp Business for iOS prior to v2.20.90, and WhatsApp for Portal prior to v173.0.0.29.505 could have allowed arbitrary code execution when parsing the contents of an RTP Extension header."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-06T17:35:27",
"orgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827",
"shortName": "facebook"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.whatsapp.com/security/advisories/2020/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve-assign@fb.com",
"DATE_ASSIGNED": "2020-10-06",
"ID": "CVE-2020-1907",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WhatsApp for Android",
"version": {
"version_data": [
{
"version_affected": "!=\u003e",
"version_value": "2.20.196.16"
},
{
"version_affected": "\u003c",
"version_value": "2.20.196.16"
}
]
}
},
{
"product_name": "WhatsApp Business for Android",
"version": {
"version_data": [
{
"version_affected": "!=\u003e",
"version_value": "2.20.196.12"
},
{
"version_affected": "\u003c",
"version_value": "2.20.196.12"
}
]
}
},
{
"product_name": "WhatsApp for iOS",
"version": {
"version_data": [
{
"version_affected": "!=\u003e",
"version_value": "2.20.90"
},
{
"version_affected": "\u003c",
"version_value": "2.20.90"
}
]
}
},
{
"product_name": "WhatsApp Business for iOS",
"version": {
"version_data": [
{
"version_affected": "!=\u003e",
"version_value": "2.20.90"
},
{
"version_affected": "\u003c",
"version_value": "2.20.90"
}
]
}
},
{
"product_name": "WhatsApp for Portal",
"version": {
"version_data": [
{
"version_affected": "!=\u003e",
"version_value": "173.0.0.29.505"
},
{
"version_affected": "\u003c",
"version_value": "173.0.0.29.505"
}
]
}
}
]
},
"vendor_name": "Facebook"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A stack overflow in WhatsApp for Android prior to v2.20.196.16, WhatsApp Business for Android prior to v2.20.196.12, WhatsApp for iOS prior to v2.20.90, WhatsApp Business for iOS prior to v2.20.90, and WhatsApp for Portal prior to v173.0.0.29.505 could have allowed arbitrary code execution when parsing the contents of an RTP Extension header."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787: Out-of-bounds Write"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.whatsapp.com/security/advisories/2020/",
"refsource": "CONFIRM",
"url": "https://www.whatsapp.com/security/advisories/2020/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827",
"assignerShortName": "facebook",
"cveId": "CVE-2020-1907",
"datePublished": "2020-10-06T17:35:27",
"dateReserved": "2019-12-02T00:00:00",
"dateUpdated": "2024-08-04T06:53:59.972Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:whatsapp:whatsapp:*:*:*:*:*:iphone_os:*:*\", \"versionEndExcluding\": \"2.20.90\", \"matchCriteriaId\": \"E27F4563-ACF1-44D8-BC87-477D935B8F99\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:whatsapp:whatsapp:*:*:*:*:*:android:*:*\", \"versionEndExcluding\": \"2.20.196.16\", \"matchCriteriaId\": \"52C884A6-89FA-47EE-BC8E-C15BE7A6C125\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:whatsapp:whatsapp:*:*:*:*:*:portal:*:*\", \"versionEndExcluding\": \"173.0.0.29.505\", \"matchCriteriaId\": \"E0CC3EA5-3726-4B82-8BD6-F49C3B1707E5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:whatsapp:whatsapp_business:*:*:*:*:*:iphone_os:*:*\", \"versionEndExcluding\": \"2.20.90\", \"matchCriteriaId\": \"ACB71228-9A27-43B1-A54A-98A6ED1316C1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:whatsapp:whatsapp_business:*:*:*:*:*:android:*:*\", \"versionEndExcluding\": \"2.20.196.12\", \"matchCriteriaId\": \"1D6120AE-331E-43D5-A8F3-0656AC0C2184\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"A stack overflow in WhatsApp for Android prior to v2.20.196.16, WhatsApp Business for Android prior to v2.20.196.12, WhatsApp for iOS prior to v2.20.90, WhatsApp Business for iOS prior to v2.20.90, and WhatsApp for Portal prior to v173.0.0.29.505 could have allowed arbitrary code execution when parsing the contents of an RTP Extension header.\"}, {\"lang\": \"es\", \"value\": \"Un desbordamiento de pila en WhatsApp para Android anterior a versi\\u00f3n v2.20.196.16, WhatsApp Business para Android anterior a versi\\u00f3n v2.20.196.12, WhatsApp para iOS anterior a versi\\u00f3n v2.20.90, WhatsApp Business para iOS anterior a versi\\u00f3n v2.20.90 y WhatsApp para Portal anterior a versi\\u00f3n v173.0.0.29.505, podr\\u00eda haber permitido una ejecuci\\u00f3n de c\\u00f3digo arbitrario cuando analiza el contenido de un encabezado RTP Extension\"}]",
"id": "CVE-2020-1907",
"lastModified": "2024-11-21T05:11:35.333",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2020-10-06T18:15:17.187",
"references": "[{\"url\": \"https://www.whatsapp.com/security/advisories/2020/\", \"source\": \"cve-assign@fb.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.whatsapp.com/security/advisories/2020/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "cve-assign@fb.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"cve-assign@fb.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-787\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-787\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2020-1907\",\"sourceIdentifier\":\"cve-assign@fb.com\",\"published\":\"2020-10-06T18:15:17.187\",\"lastModified\":\"2024-11-21T05:11:35.333\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A stack overflow in WhatsApp for Android prior to v2.20.196.16, WhatsApp Business for Android prior to v2.20.196.12, WhatsApp for iOS prior to v2.20.90, WhatsApp Business for iOS prior to v2.20.90, and WhatsApp for Portal prior to v173.0.0.29.505 could have allowed arbitrary code execution when parsing the contents of an RTP Extension header.\"},{\"lang\":\"es\",\"value\":\"Un desbordamiento de pila en WhatsApp para Android anterior a versi\u00f3n v2.20.196.16, WhatsApp Business para Android anterior a versi\u00f3n v2.20.196.12, WhatsApp para iOS anterior a versi\u00f3n v2.20.90, WhatsApp Business para iOS anterior a versi\u00f3n v2.20.90 y WhatsApp para Portal anterior a versi\u00f3n v173.0.0.29.505, podr\u00eda haber permitido una ejecuci\u00f3n de c\u00f3digo arbitrario cuando analiza el contenido de un encabezado RTP Extension\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"cve-assign@fb.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:whatsapp:whatsapp:*:*:*:*:*:iphone_os:*:*\",\"versionEndExcluding\":\"2.20.90\",\"matchCriteriaId\":\"E27F4563-ACF1-44D8-BC87-477D935B8F99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:whatsapp:whatsapp:*:*:*:*:*:android:*:*\",\"versionEndExcluding\":\"2.20.196.16\",\"matchCriteriaId\":\"52C884A6-89FA-47EE-BC8E-C15BE7A6C125\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:whatsapp:whatsapp:*:*:*:*:*:portal:*:*\",\"versionEndExcluding\":\"173.0.0.29.505\",\"matchCriteriaId\":\"E0CC3EA5-3726-4B82-8BD6-F49C3B1707E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:whatsapp:whatsapp_business:*:*:*:*:*:iphone_os:*:*\",\"versionEndExcluding\":\"2.20.90\",\"matchCriteriaId\":\"ACB71228-9A27-43B1-A54A-98A6ED1316C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:whatsapp:whatsapp_business:*:*:*:*:*:android:*:*\",\"versionEndExcluding\":\"2.20.196.12\",\"matchCriteriaId\":\"1D6120AE-331E-43D5-A8F3-0656AC0C2184\"}]}]}],\"references\":[{\"url\":\"https://www.whatsapp.com/security/advisories/2020/\",\"source\":\"cve-assign@fb.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.whatsapp.com/security/advisories/2020/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…