Gabriel Quadros - Security Researcher - Exploit Intelligence Platform

CVE-2017-15048 WRITEUP HIGH WRITEUP

Zoom < 2.0.115900.1201 - Remote Code Execution via zoommtg:// Scheme Handler

Stack-based buffer overflow in the ZoomLauncher binary in the Zoom client for Linux before 2.0.115900.1201 allows remote attackers to execute arbitrary code by leveraging the zoommtg:// scheme handler.

CVSS 8.8

View Code

CVE-2017-15049 WRITEUP HIGH WRITEUP

Zoom < 2.0.115900.1201 - Remote Code Execution via zoommtg:// Scheme Handler

The ZoomLauncher binary in the Zoom client for Linux before 2.0.115900.1201 does not properly sanitize user input when constructing a shell command, which allows remote attackers to execute arbitrary code by leveraging the zoommtg:// scheme handler.

CVSS 8.8

View Code

CVE-2017-15049 EXPLOITDB HIGH text WORKING POC

Zoom < 2.0.115900.1201 - Remote Code Execution via zoommtg:// Scheme Handler

The ZoomLauncher binary in the Zoom client for Linux before 2.0.115900.1201 does not properly sanitize user input when constructing a shell command, which allows remote attackers to execute arbitrary code by leveraging the zoommtg:// scheme handler.

CVSS 8.8

View Code

CVE-2017-15048 EXPLOITDB HIGH text WRITEUP

Zoom < 2.0.115900.1201 - Remote Code Execution via zoommtg:// Scheme Handler

Stack-based buffer overflow in the ZoomLauncher binary in the Zoom client for Linux before 2.0.115900.1201 allows remote attackers to execute arbitrary code by leveraging the zoommtg:// scheme handler.

CVSS 8.8

View Code