Lucene search
TenableCVELIST:CVE-2018-15715HistoryNov 29, 2018 - 12:00 a.m.
CVE-2018-15715
2018-11-2900:00:00
CWE-290
tenable
www.cve.org
Zoom clients on Windows (before version 4.1.34814.1119), Mac OS (before version 4.1.34801.1116), and Linux (2.4.129780.0915 and below) are vulnerable to unauthorized message processing. A remote unauthenticated attacker can spoof UDP messages from a meeting attendee or Zoom server in order to invoke functionality in the target client. This allows the attacker to remove attendees from meetings, spoof messages from users, or hijack shared screens.
CNA Affected
[
{
"product": "Zoom",
"vendor": "Zoom",
"versions": [
{
"status": "affected",
"version": "Zoom on Windows before version 4.1.34814.1119, Zoom on Mac OS before version 4.1.34801.1116, Zoom on Linux version 2.4.129780.0915 and below."
}
]
}
]Related
checkpoint_advisories
checkpoint_advisories
Zoom Desktop Application Unauthorized UDP Message (CVE-2018-15715)
2018-12-24 00:00:00
nvd
nvd
CVE-2018-15715
2018-11-30 20:29:00
cve
cve
CVE-2018-15715
2018-11-30 20:29:00
nessus
nessus
Zoom Client for Meetings < 4.1.34460.1105 Vulnerability (ZSB-18001)
2022-12-15 00:00:00
Zoom Client for Meetings 4.x < 4.1.34801.1116 Message Spoofing Vulnerability (macOS)
2018-11-28 00:00:00
Zoom Client for Meetings 4.x < 4.1.34814.1119 Message Spoofing Vulnerability
2018-11-28 00:00:00
prion
prion
Design/Logic Flaw
2018-11-30 20:29:00
threatpost
threatpost
Critical Zoom Flaw Lets Hackers Hijack Conference Meetings
2018-11-29 19:02:54
openvas
openvas
Zoom Client Unauthorized Message Processing Vulnerability (ZSB-18001)
2021-10-12 00:00:00
kaspersky
kaspersky
KLA11797 Security vulnerability in Zoom
2018-10-05 00:00:00