CVE-2017-15048

HIGH

Zoom < 2.0.115900.1201 - Remote Code Execution via zoommtg:// Scheme Handler

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-15048. PoCs published by Conviso.

AI-analyzed exploit summary This advisory describes a stack-based buffer overflow vulnerability in the Zoom Linux client (CVE-2017-15048), where user input is concatenated to a stack variable without bounds checking, potentially allowing remote code execution via the zoommtg:// scheme handler.

Description

Stack-based buffer overflow in the ZoomLauncher binary in the Zoom client for Linux before 2.0.115900.1201 allows remote attackers to execute arbitrary code by leveraging the zoommtg:// scheme handler.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Conviso · textdoslinux
https://www.exploit-db.com/exploits/43355

This advisory describes a stack-based buffer overflow vulnerability in the Zoom Linux client (CVE-2017-15048), where user input is concatenated to a stack variable without bounds checking, potentially allowing remote code execution via the zoommtg:// scheme handler.

Classification
Writeup 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Zoom client for Linux, version 2.0.106600.0904
No auth needed
Prerequisites: Victim must have the vulnerable Zoom client installed · Attacker must deliver a malicious zoommtg:// URI to the victim
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Mailing List, Third Party Advisory mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2017/Dec/46
Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/43355/

Scores

CVSS v3 8.8
EPSS 0.1016
EPSS Percentile 95.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-119
Status published
Products (1)
zoom/zoom < 2.0.115900.1201
Published Dec 19, 2017
Tracked Since Feb 18, 2026