exploitDog

GHSA-2597-6hvw-h9cx

Опубликовано: 12 авг. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

Zoom On-Premise Meeting Connector Zone Controller (ZC) before version 4.8.20220419.112 fails to properly parse STUN error codes, which can result in memory corruption and could allow a malicious actor to crash the application. In versions older than 4.8.12.20211115, this vulnerability could also be leveraged to execute arbitrary code.

Zoom On-Premise Meeting Connector Zone Controller (ZC) before version 4.8.20220419.112 fails to properly parse STUN error codes, which can result in memory corruption and could allow a malicious actor to crash the application. In versions older than 4.8.12.20211115, this vulnerability could also be leveraged to execute arbitrary code.

Ссылки

EPSS

Процентиль: 70%

0.00643

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-787

Связанные уязвимости

CVE-2022-28750

CVSS3: 7.5

nvd

больше 3 лет назад

Zoom On-Premise Meeting Connector Zone Controller (ZC) before version 4.8.20220419.112 fails to properly parse STUN error codes, which can result in memory corruption and could allow a malicious actor to crash the application. In versions older than 4.8.12.20211115, this vulnerability could also be leveraged to execute arbitrary code.

EPSS

Процентиль: 70%

0.00643

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-787