← back
CVE-2019-11419

CVE-2019-11419

EPSS 4.0%
vcodec2_hls_filter in libvoipCodec_v7a.so in the WeChat application through 7.0.3 for Android allows attackers to cause a denial of service (application crash) by replacing an emoji file (under the /sdcard/tencent/MicroMsg directory) with a crafted .wxgf file. The content of the replacement must be derived from the phone's IMEI. The crash occurs upon receiving a message that contains the replaced emoji.
Affected products
n/a · n/a
public PoCs found2
cve_referencepacketstormsecurity.com/files/152947/WeChat-7.0.4-Denial-Of-Service.htmlunverifiedcve_referencewww.exploit-db.com/exploits/46853unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://packetstormsecurity.com/files/152947/WeChat-7.0.4-Denial-Of-Service.htmlhttps://awakened1712.github.io/hacking/hacking-wechat-dos/https://www.exploit-db.com/exploits/46853