Lucene search
PRIOn knowledge basePRION:CVE-2018-15715HistoryNov 30, 2018 - 8:29 p.m.
Design/Logic Flaw
2018-11-3020:29:00
PRIOn knowledge base
www.prio-n.com
3
Zoom clients on Windows (before version 4.1.34814.1119), Mac OS (before version 4.1.34801.1116), and Linux (2.4.129780.0915 and below) are vulnerable to unauthorized message processing. A remote unauthenticated attacker can spoof UDP messages from a meeting attendee or Zoom server in order to invoke functionality in the target client. This allows the attacker to remove attendees from meetings, spoof messages from users, or hijack shared screens.
| CPE | Name | Operator | Version |
|---|---|---|---|
| zoom | lt | 4.1.34814.1119 | |
| zoom | lt | 4.1.34801.1116 | |
| zoom | le | 2.4.129780.0915 |
Related
checkpoint_advisories
checkpoint_advisories
Zoom Desktop Application Unauthorized UDP Message (CVE-2018-15715)
2018-12-24 00:00:00
cvelist
cvelist
CVE-2018-15715
2018-11-29 00:00:00
nvd
nvd
CVE-2018-15715
2018-11-30 20:29:00
cve
cve
CVE-2018-15715
2018-11-30 20:29:00
nessus
nessus
Zoom Client for Meetings < 4.1.34460.1105 Vulnerability (ZSB-18001)
2022-12-15 00:00:00
Zoom Client for Meetings 4.x < 4.1.34814.1119 Message Spoofing Vulnerability
2018-11-28 00:00:00
Zoom Client for Meetings < 2.5.146186.1130 Vulnerability (ZSB-18001)
2022-12-15 00:00:00
threatpost
threatpost
Critical Zoom Flaw Lets Hackers Hijack Conference Meetings
2018-11-29 19:02:54
openvas
openvas
Zoom Client Unauthorized Message Processing Vulnerability (ZSB-18001)
2021-10-12 00:00:00
kaspersky
kaspersky
KLA11797 Security vulnerability in Zoom
2018-10-05 00:00:00