Zoom Linux Client 2.0.106600.0904 Buffer Overflow

Posted by deepcore on December 18, 2017 – 2:26 am

The binary /opt/zoom/ZoomLauncher is vulnerable to a buffer overflow because it concatenates a overly long user input to a stack variable without checking if the destination buffer is long enough to hold the data. The binary also has important security features like canary turned off. The client registers a scheme handler (zoommtg://) and this makes possible to trigger the vulnerability remotely. Version 2.0.106600.0904 is affected.

This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.

« Zoom Linux Client 2.0.106600.0904 Command Injection Monstra CMS 3.0.4 Remote Shell Upload »

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

Zoom Linux Client 2.0.106600.0904 Buffer Overflow

Post a reply

Tabs Switcher

Categories

Archives

Meta

BLOGROLL