CVE-2019-11932— Facebook WhatsApp 资源管理错误漏洞
新しい脆弱性情報の通知を購読するログインして購読
I. CVE-2019-11932の基本情報
脆弱性情報
脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗ 高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。
脆弱性タイトル
N/A
ソース: NVD (National Vulnerability Database)
脆弱性説明
A double free vulnerability in the DDGifSlurp function in decoding.c in the android-gif-drawable library before version 1.2.18, as used in WhatsApp for Android before version 2.19.244 and many other Android applications, allows remote attackers to execute arbitrary code or cause a denial of service when the library is used to parse a specially crafted GIF image.
ソース: NVD (National Vulnerability Database)
CVSS情報
N/A
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
双重释放
ソース: NVD (National Vulnerability Database)
脆弱性タイトル
Facebook WhatsApp 资源管理错误漏洞
ソース: CNNVD (China National Vulnerability Database)
脆弱性説明
Facebook WhatsApp是美国Facebook公司的一套利用网络传送短信的移动应用程序。该应用程序通过智能手机中的联络人信息,查找使用该软件的联络人传送文字、图片等。 基于Android平台的Facebook WhatsApp 2.19.244之前版本中的libpl_droidsonroids_gif 1.2.18之前版本的decoding.c文件的DDGifSlurp函数存在资源管理错误漏洞。远程攻击者可利用该漏洞执行任意代码或造成拒绝服务。
ソース: CNNVD (China National Vulnerability Database)
CVSS情報
N/A
ソース: CNNVD (China National Vulnerability Database)
脆弱性タイプ
N/A
ソース: CNNVD (China National Vulnerability Database)
影響を受ける製品
| ベンダー | プロダクト | 影響を受けるバージョン | CPE | 購読 |
|---|---|---|---|---|
| koral-- | android-gif-drawable | unspecified ~ 1.2.18 | - |
II. CVE-2019-11932の公開POC
| # | POC説明 | ソースリンク | Shenlongリンク |
|---|---|---|---|
| 1 | double-free bug in WhatsApp exploit poc | https://github.com/dorkerdevil/CVE-2019-11932 | POC詳細 |
| 2 | Simple POC for exploiting WhatsApp double-free bug in DDGifSlurp in decoding.c in libpl_droidsonroids_gif | https://github.com/awakened1712/CVE-2019-11932 | POC詳細 |
| 3 | This is a Automated Generate Payload for CVE-2019-11932 (WhatsApp Remote Code Execution) | https://github.com/JasonJerry/WhatsRCE | POC詳細 |
| 4 | Double-Free BUG in WhatsApp exploit poc. | https://github.com/TulungagungCyberLink/CVE-2019-11932 | POC詳細 |
| 5 | None | https://github.com/infiniteLoopers/CVE-2019-11932 | POC詳細 |
| 6 | The exploit works well until WhatsApp version 2.19.230. The vulnerability is official patched in WhatsApp version 2.19.244 | https://github.com/5l1v3r1/CVE-2019-11932 | POC詳細 |
| 7 | This native code file aims to be complementary to the published Whatsapp GIF RCE exploit by Awakened , by calculating the system() function address and ROP gadget address for different types of devices, which then can be used to successfully exploit the vulnerability. | https://github.com/valbrux/CVE-2019-11932-SupportApp | POC詳細 |
| 8 | Programa para hackear Whatsapp Mediante Gif ,asiendo un exploit con el puerto. | https://github.com/fastmo/CVE-2019-11932 | POC詳細 |
| 9 | Double-free vulnerability in DDGifSlurp in decoding.c in libpl_droidsonroids_gif can read more https://awakened1712.github.io/hacking/hacking-whatsapp-gif-rce/ | https://github.com/mRanonyMousTZ/CVE-2019-11932-whatsApp-exploit | POC詳細 |
| 10 | None | https://github.com/SmoZy92/CVE-2019-11932 | POC詳細 |
| 11 | https://github.com/awakened1712/CVE-2019-11932 | https://github.com/dashtic172/https-github.com-awakened171 | POC詳細 |
| 12 | Whatsapp Automatic Payload Generator [CVE-2019-11932] | https://github.com/Err0r-ICA/WhatsPayloadRCE | POC詳細 |
| 13 | None | https://github.com/starling021/CVE-2019-11932-SupportApp | POC詳細 |
| 14 | None | https://github.com/primebeast/CVE-2019-11932 | POC詳細 |
| 15 | https://github.com/awakened1712/CVE-2019-11932://github.com/awakened1712/CVE-2019-11932 | https://github.com/BadAssAiras/hello | POC詳細 |
| 16 | Whatsapp remote code execution CVE-2019-11932 https://awakened1712.github.io/hacking/hacking-whatsapp-gif-rce/ | https://github.com/kal1gh0st/WhatsAppHACK-RCE | POC詳細 |
| 17 | None | https://github.com/zxn1/CVE-2019-11932 | POC詳細 |
| 18 | Exploit Analysis of The WhatsApp Double-Free Vulnerability (CVE-2019-11932) Using the GEF-GDB Debugger | https://github.com/k3vinlusec/WhatsApp-Double-Free-Vulnerability_CVE-2019-11932 | POC詳細 |
| 19 | CVE-2019-11932 | https://github.com/Tabni/https-github.com-awakened1712-CVE-2019-11932 | POC詳細 |
| 20 | None | https://github.com/0759104103/cd-CVE-2019-11932 | POC詳細 |
| 21 | Double-Free BUG in WhatsApp exploit poc. | https://github.com/tucommenceapousser/CVE-2019-11932 | POC詳細 |
| 22 | Double-Free BUG in WhatsApp exploit poc. | https://github.com/tucommenceapousser/CVE-2019-11932deta | POC詳細 |
| 23 | https://github.com/awakened1712/CVE-2019-11932 | https://github.com/OrdaraatSite/https-github.com-awakened171 | POC詳細 |
AI生成POCプレミアム
公開POCは見つかりませんでした。
ログインしてAI POCを生成III. CVE-2019-11932のインテリジェンス情報
请登录查看更多情报信息。
- https://www.facebook.com/security/advisories/cve-2019-11932x_refsource_CONFIRM
- https://github.com/koral--/android-gif-drawable/pull/673x_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2019-11932
IV. 関連脆弱性
同じ弱点: CWE-415
- CVE-2026-23918
Apache HTTP Server: http2: double free and possible RCE on e - CVE-2026-5657
Double Free in Wireshark - CVE-2026-33824
Windows Internet Key Exchange (IKE) Service Extensions Remot - CVE-2026-32074
Windows Projected File System Elevation of Privilege Vulnera - CVE-2026-32069
Windows Projected File System Elevation of Privilege Vulnera
V. CVE-2019-11932へのコメント
まだコメントはありません