Executive Summary

Informations
NameCVE-2019-13567First vendor Publication2019-07-12
VendorCveLast vendor Modification2019-07-12

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base ScoreNot DefinedAttack RangeNot Defined
Cvss Impact ScoreNot DefinedAttack ComplexityNot Defined
Cvss Expoit ScoreNot DefinedAuthenticationNot Defined
Calculate full CVSS 2.0 Vectors scores

Detail

The Zoom Client before 4.4.53932.0709 on macOS allows remote code execution, a different vulnerability than CVE-2019-13450. If the ZoomOpener daemon (aka the hidden web server) is running, but the Zoom Client is not installed or can't be opened, an attacker can remotely execute code with a maliciously crafted launch URL. NOTE: ZoomOpener is removed by the Apple Malware Removal Tool (MRT) if this tool is enabled and has the 2019-07-10 MRTConfigData.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13567

Sources (Detail)

SourceUrl
MISC https://support.zoom.us/hc/en-us/articles/201361963-New-Updates-for-Mac-OS
https://twitter.com/JLLeitschuh/status/1149420685405708295
https://twitter.com/JLLeitschuh/status/1149422543658520578
https://twitter.com/riskybusiness/status/1149125147019767814
https://twitter.com/wcbowling/status/1149457231504498689

Alert History

If you want to see full details history, please login or register.
0
1
2
DateInformations
2019-07-13 05:19:08
  • Multiple Updates
2019-07-12 17:18:48
  • Multiple Updates
2019-07-12 09:18:23
  • First insertion