CVE-2019-15502
https://notcve.org/view.php?id=CVE-2019-15502
The TeamSpeak client before 3.3.2 allows remote servers to trigger a crash via the 0xe2 0x81 0xa8 0xe2 0x81 0xa7 byte sequence, aka Unicode characters U+2068 (FIRST STRONG ISOLATE) and U+2067 (RIGHT-TO-LEFT ISOLATE). El cliente TeamSpeak versiones anteriores a 3.3.2, permite a los servidores remotos activar un bloqueo por medio de la secuencia de bytes 0xe2 0x81 0xa8 0xe2 0x81 0xa7, también se conoce como caracteres Unicode U+2068 (FIRST STRONG ISOLATE) y U+2067 (RIGHT-TO-LEFT ISOLATE). • https://forum.teamspeak.com/threads/141134-Release-TeamSpeak-Client-3-3-2 https://r4p3.net/threads/teamkilled-new-teamspeak-crash.8144 https://www.youtube.com/watch?v=PlVbPIs75D4 •
CVE-2019-11351
https://notcve.org/view.php?id=CVE-2019-11351
TeamSpeak 3 Client before 3.2.5 allows remote code execution in the Qt framework. El TeamSpeak Client versión 3 anterior a 3.2.5 permite la ejecución de código remota en el framework Qt. • https://forum.teamspeak.com/threads/139546-Release-TeamSpeak-3-Client-3-2-5 https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-004.md • CWE-426: Untrusted Search Path •
CVE-2017-9982
https://notcve.org/view.php?id=CVE-2017-9982
TeamSpeak Client 3.0.19 allows remote attackers to cause a denial of service (application crash) via the ᗪ Unicode character followed by the ༿ Unicode character. El cliente TeamSpeak en su versión 3.0.19 permite a un atacante remoto causar una denegación de servicio (caída de la aplicación) mediante el caracter Unicode ? seguido del carácter Unicode ?. • http://www.securityfocus.com/bid/99308 https://pastebin.com/4Ngstncy https://www.youtube.com/watch?v=8BrQCUOgQL0 • CWE-20: Improper Input Validation •
CVE-2017-8290 – TeamSpeak Client 3.1.4 Buffer Overflow
https://notcve.org/view.php?id=CVE-2017-8290
A potential Buffer Overflow Vulnerability (from a BB Code handling issue) has been identified in TeamSpeak Server version 3.0.13.6 (08/11/2016 09:48:33), it enables the users to Crash any WINDOWS Client that clicked into a Vulnerable Channel of a TeamSpeak Server. Se ha identificado una potencial vulnerabilidad de desbordamiento de búfer (de un problema de manejo de código BB) en TeamSpeak Server versión 3.0.13.6 (11/08/2016 09:48:33) , que habilita a los usuarios Bloquear a cualquier cliente de WINDOWS que haya cliqueado en un canal vulnerable de un servidor TeamSpeak. TeamSpeak client version 3.1.4 suffers from a buffer overflow vulnerability. • http://packetstormsecurity.com/files/143053/TeamSpeak-Client-3.1.4-Buffer-Overflow.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2010-3383
https://notcve.org/view.php?id=CVE-2010-3383
The (1) teamspeak and (2) teamspeak-server scripts in TeamSpeak 2.0.32 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. Las secuencias de comandos (1) teamspeak y (2) teamspeak-server en TeamSpeak v2.0.32 colocan un nombre de directorio de longitud cero en LD_LIBRARY_PATH, permitiendo a usuarios locales conseguir privilegios a través de una biblioteca compartida (caballo de Troya) en el directorio de trabajo actual. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598304 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598305 •