1 results (0.003 seconds)
CVSS: 6.5EPSS: 1%CPEs: 2EXPL: 1
CVSS: 6.5EPSS: 1%CPEs: 2EXPL: 1CVE-2019-13450
https://notcve.org/view.php?id=CVE-2019-13450
09 Jul 2019 — In the Zoom Client through 4.4.4 and RingCentral 7.0.136380.0312 on macOS, remote attackers can force a user to join a video call with the video camera active. This occurs because any web site can interact with the Zoom web server on localhost port 19421 or 19424. NOTE: a machine remains vulnerable if the Zoom Client was installed in the past and then uninstalled. Blocking exploitation requires additional steps, such as the ZDisableVideo preference and/or killing the web server, deleting the ~/.zoomus direc... • http://www.securityfocus.com/bid/109082 • CWE-862: Missing Authorization •