Hi, please, refer to the advisory: http://foosec.com/docs/whatsapp.html
Here you have an abstract: *WhatsApp <http://www.whatsapp.com/>* advisory published in *Nov-2013* about an internal side effect - as they said - that may provoke, among others, a DoS against the application and information disclosure as well, everything without any kind of human interaction with the device. Already *solved in version 2.11.134*. Kind regards! On Thu, Nov 14, 2013 at 5:58 PM, Ander Juaristi Alamos <[email protected]>wrote: > Hi Frank, > > I just received a URL via Whatsapp from a friend, and I haven't noticed > that behavior. What's more, I don't remember if I ever noticed it. > > Could you post more precise reproduction steps, please? How did you notice > that the URL was opened in background? > > Thanks. > > > > ----- Mensaje original ----- > > De: Frank Habermann > > Enviado: 14-11-13 13:02 > > Para: [email protected] > > Asunto: [Full-disclosure] whatsapp opening url in background > > > Hi List, > > i wonder about url opening in background in whatsapp. > I am using an android phone. > > If i send a url to some other user(with android) in whatsapp my whatsapp > and the the other user is opening the url in background without any user > interaction. > Is this normal? > > I could reproduce this only on android. Not on ios. > > Is this a android problem or a whatsapp problem? > Sounds very strange and insecure for me. > > regards, > Frank > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ >
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
