Allele Security Intelligence

ASA-2019-00548 – WhatsApp: Integer overflow in media parsing libraries via specially-crafted EXIF tags in WEBP images

Posted on September 28, 2019September 30, 2019 by Allele Security Intelligence in Alerts

An integer overflow in WhatsApp media parsing libraries allows a remote attacker to perform an out-of-bounds write on the heap via specially-crafted EXIF tags in WEBP images.