Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

Zoom Client < 2.0.115900.1201 Multiple Vulnerabilities (Oct 2017) - Linux

Information

Severity

Severity

Critical

Family

Family

General

CVSSv2 Base

CVSSv2 Base

9.3

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Solution Type

Solution Type

Vendor Patch

Created

Created

2 years ago

Modified

Modified

2 years ago

Summary

The Zoom Client is prone to multiple vulnerabilities.

Insight

Insight

The following flaws exist: - CVE-2017-15048: Stack-based buffer overflow in the ZoomLauncher binary in the Zoom client for Linux allows remote attackers to execute arbitrary code by leveraging the zoommtg:// scheme handler. - CVE-2017-15049: The ZoomLauncher binary in the Zoom client for Linux does not properly sanitize user input when constructing a shell command, which allows remote attackers to execute arbitrary code by leveraging the zoommtg:// scheme handler.

Affected Software

Affected Software

Zoom Client versions prior to 2.0.115900.1201 on Linux.

Detection Method

Detection Method

Checks if a vulnerable version is present on the target host.

Solution

Solution

Update to version 2.0.115900.1201 or later.

Common Vulnerabilities and Exposures (CVE)