CVE-2019-15502
https://notcve.org/view.php?id=CVE-2019-15502
The TeamSpeak client before 3.3.2 allows remote servers to trigger a crash via the 0xe2 0x81 0xa8 0xe2 0x81 0xa7 byte sequence, aka Unicode characters U+2068 (FIRST STRONG ISOLATE) and U+2067 (RIGHT-TO-LEFT ISOLATE). El cliente TeamSpeak versiones anteriores a 3.3.2, permite a los servidores remotos activar un bloqueo por medio de la secuencia de bytes 0xe2 0x81 0xa8 0xe2 0x81 0xa7, también se conoce como caracteres Unicode U+2068 (FIRST STRONG ISOLATE) y U+2067 (RIGHT-TO-LEFT ISOLATE). • https://forum.teamspeak.com/threads/141134-Release-TeamSpeak-Client-3-3-2 https://r4p3.net/threads/teamkilled-new-teamspeak-crash.8144 https://www.youtube.com/watch?v=PlVbPIs75D4 •
CVE-2019-11351
https://notcve.org/view.php?id=CVE-2019-11351
TeamSpeak 3 Client before 3.2.5 allows remote code execution in the Qt framework. El TeamSpeak Client versión 3 anterior a 3.2.5 permite la ejecución de código remota en el framework Qt. • https://forum.teamspeak.com/threads/139546-Release-TeamSpeak-3-Client-3-2-5 https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-004.md • CWE-426: Untrusted Search Path •
CVE-2017-9982
https://notcve.org/view.php?id=CVE-2017-9982
TeamSpeak Client 3.0.19 allows remote attackers to cause a denial of service (application crash) via the ᗪ Unicode character followed by the ༿ Unicode character. El cliente TeamSpeak en su versión 3.0.19 permite a un atacante remoto causar una denegación de servicio (caída de la aplicación) mediante el caracter Unicode ? seguido del carácter Unicode ?. • http://www.securityfocus.com/bid/99308 https://pastebin.com/4Ngstncy https://www.youtube.com/watch?v=8BrQCUOgQL0 • CWE-20: Improper Input Validation •
CVE-2017-8290 – TeamSpeak Client 3.1.4 Buffer Overflow
https://notcve.org/view.php?id=CVE-2017-8290
A potential Buffer Overflow Vulnerability (from a BB Code handling issue) has been identified in TeamSpeak Server version 3.0.13.6 (08/11/2016 09:48:33), it enables the users to Crash any WINDOWS Client that clicked into a Vulnerable Channel of a TeamSpeak Server. Se ha identificado una potencial vulnerabilidad de desbordamiento de búfer (de un problema de manejo de código BB) en TeamSpeak Server versión 3.0.13.6 (11/08/2016 09:48:33) , que habilita a los usuarios Bloquear a cualquier cliente de WINDOWS que haya cliqueado en un canal vulnerable de un servidor TeamSpeak. TeamSpeak client version 3.1.4 suffers from a buffer overflow vulnerability. • http://packetstormsecurity.com/files/143053/TeamSpeak-Client-3.1.4-Buffer-Overflow.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2014-7222 – TeamSpeak Client 3.0.14 - Buffer Overflow
https://notcve.org/view.php?id=CVE-2014-7222
Buffer overflow in TeamSpeak Client 3.0.14 and earlier allows remote authenticated users to cause a denial of service (application crash) by connecting to a channel with a different client instance, and placing crafted data in the Chat/Server tab with two \\ (backslash) characters, a digit, a \ (backslash) character, and "z" in a series of nested img BBCODE tags. Desbordamiento de búfer en el cliente de TeamSpeak 3.0.14 y anteriores permite que los usuarios autenticados remotos provoquen una denegación de servicio (cierre inesperado de la aplicación) conectándose a un canal con una instancia de cliente diferente y ubicando datos manipulados en la pestaña de Chat/Server con dos caracteres \\ (barra invertida), un dígito, un \ (barra invertida), y "z" en una serie de etiquetas BBCDOE img anidadas. TeamSpeak Client version 3.0.14 suffers from a buffer overflow vulnerability. • https://www.exploit-db.com/exploits/34857 http://packetstormsecurity.com/files/128571/TeamSpeak-Client-3.0.14-Buffer-Overflow.html http://r4p3.net/forum/reverse-engineering/38/teamspeak-3-exploit-bb-code-freeze-crash-not-responding/905 http://r4p3.net/public/ts3bbcodefreeze.txt http://www.securityfocus.com/bid/70219 https://exchange.xforce.ibmcloud.com/vulnerabilities/96890 • CWE-20: Improper Input Validation •