Lucene search
K

6 matches found

OpenVAS
OpenVAS
added 2021/10/19 12:0 a.m.21 views

Zoom Client < 2.0.115900.1201 Multiple Vulnerabilities (Oct 2017) - Linux

The Zoom Client is prone to multiple vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.3CVSS8.8AI score0.17048EPSS
Exploits10References6
CVE
CVE
added 2017/12/19 3:0 p.m.91 views

CVE-2017-15049

The CVE-2017-15049 entry relates to the Zoom Linux client where the ZoomLauncher binary did not properly sanitize user input when building a shell command, enabling remote arbitrary code execution via the zoommtg:// scheme handler in versions before 2.0.115900.1201. Connected advisories and explo...

9.3CVSS8.9AI score0.17048EPSS
Exploits5References4Affected Software1
exploitpack
exploitpack
added 2017/12/18 12:0 a.m.78 views

Zoom Linux Client 2.0.106600.0904 - Command Injection

Zoom Linux Client 2.0.106600.0904 - Command Injection CONVISO-17-003 - Zoom Linux Client Command Injection Vulnerability RCE 1. Advisory Information Conviso Advisory ID: CONVISO-17-003 CVE ID: CVE-2017-15049 CVSS v2: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C Date: 2017-10-01 2. Affected Components Zoom clie...

9.3CVSS9.1AI score0.17048EPSS
Exploits5
Exploit DB
Exploit DB
added 2017/12/18 12:0 a.m.71 views

Zoom Linux Client 2.0.106600.0904 - Command Injection

CONVISO-17-003 - Zoom Linux Client Command Injection Vulnerability RCE 1. Advisory Information Conviso Advisory ID: CONVISO-17-003 CVE ID: CVE-2017-15049 CVSS v2: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C Date: 2017-10-01 2. Affected Components Zoom client for Linux, version 2.0.106600.0904 zoomamd64.deb...

9.3CVSS8.8AI score0.17048EPSS
Exploits5
0day.today
0day.today
added 2017/12/17 12:0 a.m.80 views

Zoom Linux Client 2.0.106600.0904 Command Injection Vulnerability

The binary /opt/zoom/ZoomLauncher is vulnerable to command injection because it uses user input to construct a shell command without proper sanitization. The client registers a scheme handler zoommtg:// and this makes possible to trigger the vulnerability remotely. Version 2.0.106600.0904 is...

9.3CVSS8.9AI score0.17048EPSS
Exploits5
Packet Storm
Packet Storm
added 2017/12/17 12:0 a.m.94 views

Zoom Linux Client 2.0.106600.0904 Command Injection

CONVISO-17-003 - Zoom Linux Client Command Injection Vulnerability RCE 1. Advisory Information Conviso Advisory ID: CONVISO-17-003 CVE ID: CVE-2017-15049 CVSS v2: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C Date: 2017-10-01 2. Affected Components Zoom client for Linux, version 2.0.106600.0904 zoomamd64.deb...

8.8AI score0.17048EPSS
Exploits5
Rows per page
Query Builder