RSS   Podatności dla 'Client'   RSS

2020-04-01
 
CVE-2020-11470

CWE-862
 

 
Zoom Client for Meetings through 4.6.8 on macOS has the disable-library-validation entitlement, which allows a local process (with the user's privileges) to obtain unprompted microphone and camera access by loading a crafted library and thereby inheriting Zoom Client's microphone and camera access.

 
 
CVE-2020-11469

CWE-269
 

 
Zoom Client for Meetings through 4.6.8 on macOS copies runwithroot to a user-writable temporary directory during installation, which allows a local process (with the user's privileges) to obtain root access by replacing runwithroot.

 
2019-07-12
 
CVE-2019-13567

CWE-20
 

 
The Zoom Client before 4.4.53932.0709 on macOS allows remote code execution, a different vulnerability than CVE-2019-13450. If the ZoomOpener daemon (aka the hidden web server) is running, but the Zoom Client is not installed or can't be opened, an attacker can remotely execute code with a maliciously crafted launch URL. NOTE: ZoomOpener is removed by the Apple Malware Removal Tool (MRT) if this tool is enabled and has the 2019-07-10 MRTConfigData.

 

 >>> Vendor: ZOOM 5 Produkty
Model 5560 x3 ethernet adsl modem
Zoom cloud meetings
ZOOM
Client
Meetings


Copyright 2020, cxsecurity.com

 

Back to Top