Vulnerability Details CVE-2019-15502
The TeamSpeak client before 3.3.2 allows remote servers to trigger a crash via the 0xe2 0x81 0xa8 0xe2 0x81 0xa7 byte sequence, aka Unicode characters U+2068 (FIRST STRONG ISOLATE) and U+2067 (RIGHT-TO-LEFT ISOLATE).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 67.2%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- https://forum.teamspeak.com/threads/141134-Release-TeamSpeak-Client-3-3-2
- https://r4p3.net/threads/teamkilled-new-teamspeak-crash.8144/
- https://www.youtube.com/watch?v=PlVbPIs75D4
- https://forum.teamspeak.com/threads/141134-Release-TeamSpeak-Client-3-3-2
- https://r4p3.net/threads/teamkilled-new-teamspeak-crash.8144/
- https://www.youtube.com/watch?v=PlVbPIs75D4
Products affected by CVE-2019-15502
-
cpe:2.3:a:teamspeak:teamspeak:3.0.5
-
cpe:2.3:a:teamspeak:teamspeak:3.1.0
-
cpe:2.3:a:teamspeak:teamspeak:3.1.1
-
cpe:2.3:a:teamspeak:teamspeak:3.1.2
-
cpe:2.3:a:teamspeak:teamspeak:3.1.3
-
cpe:2.3:a:teamspeak:teamspeak:3.2.5