The (1) teamspeak and (2) teamspeak-server scripts in TeamSpeak 2.0.32 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| teamspeak | teamspeak | 2.0.32 |
TeamSpeak Client 3.0.14 and earlier allows remote authenticated users to cause a denial of service (buffer overflow and application crash) by connecting to a channel with a different client instance, and placing crafted data in the Chat/Server tab containing [img]//http:// substrings.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| teamspeak | teamspeak3 | * |
Buffer overflow in TeamSpeak Client 3.0.14 and earlier allows remote authenticated users to cause a denial of service (application crash) by connecting to a channel with a different client instance, and placing crafted data in the Chat/Server tab with two \\ (backslash) characters, a digit, a \ (backslash) character, and "z" in a series of nested img BBCODE tags.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| teamspeak | teamspeak3 | * |
A potential Buffer Overflow Vulnerability (from a BB Code handling issue) has been identified in TeamSpeak Server version 3.0.13.6 (08/11/2016 09:48:33), it enables the users to Crash any WINDOWS Client that clicked into a Vulnerable Channel of a TeamSpeak Server.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| teamspeak | teamspeak_client | 3.1.4 |
| teamspeak | teamspeak_server | 3.0.13.6 |
TeamSpeak Client 3.0.19 allows remote attackers to cause a denial of service (application crash) via the ᗪ Unicode character followed by the ༿ Unicode character.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| teamspeak | teamspeak_client | 3.0.19 |
TeamSpeak 3 Client before 3.2.5 allows remote code execution in the Qt framework.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-426,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| teamspeak | teamspeak | * |
The TeamSpeak client before 3.3.2 allows remote servers to trigger a crash via the 0xe2 0x81 0xa8 0xe2 0x81 0xa7 byte sequence, aka Unicode characters U+2068 (FIRST STRONG ISOLATE) and U+2067 (RIGHT-TO-LEFT ISOLATE).
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| teamspeak | teamspeak | * |
TeamSpeak 3.5.6 contains an insecure file permissions vulnerability that allows local attackers to replace executable files with malicious binaries. Attackers can replace system executables like ts3client_win32.exe with custom files to potentially gain SYSTEM or Administrator-level access.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| disclosure@vulncheck.com | 8.4 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.5 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| teamspeak | teamspeak | 3.5.6 |