WhatsApp has fixed a vulnerability involving awful MP4 video files that could potentially allow an antagonist to accidentally access letters and files stored in the app.

The flaw — articular as CVE-2019-11931 — made it accessible for attackers to send a distinctively crafted MP4 file to accidentally assassinate awful code on the victim’s device after any intervention.

In an advising posted on its site, Facebook said:

A stack-based buffer overflow could be triggered in WhatsApp by sending a distinctively crafted MP4 file to a WhatsApp user. The issue was present in parsing the elementary stream metadata of an MP4 file and could result in a DoS [denial of service] or RCE [remote code execution].

However, the attendance of the flaw alone doesn’t mean it could be used for abominable purposes. As is often the case, it can be an entry point for an accomplishment chain that links calm a group of aegis vulnerabilities, thereby allowing a hacker to access agenda protections.

When we accomplished out for a response, a spokesperson for the aggregation said, “WhatsApp is consistently alive to advance the aegis of our service. We make public, letters on abeyant issues we have fixed constant with industry best practices. In this instance there is no reason to accept users were impacted.”

The bug afflicted Android versions prior to 2.19.274, iOS versions prior to 2.19.100, Enterprise Client versions prior to 2.25.3, Windows Phone versions before and including 2.18.368, Business for Android versions prior to 2.19.104, and Business for iOS versions prior to 2.19.100.

While there’s no adumbration that the flaw was exploited, the acknowledgment comes weeks after WhatsApp appear that at least two dozen academics, lawyers, Dalit activists, and journalists in India were the target of surveillance by threat operators using aegis firm NSO Group’s Pegasus spyware.

The social media giant has also sued the Israeli company for base a now-fixed video calling flaw in WhatsApp account to surveil over 1,400 users.

Read next: 146 aegis flaws baldheaded in pre-installed Android apps