Code injection

2019-08-2916:15:00

PRIOn knowledge base

www.prio-n.com

7.5 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

65.2%

JSON

The TeamSpeak client before 3.3.2 allows remote servers to trigger a crash via the 0xe2 0x81 0xa8 0xe2 0x81 0xa7 byte sequence, aka Unicode characters U+2068 (FIRST STRONG ISOLATE) and U+2067 (RIGHT-TO-LEFT ISOLATE).

CPENameOperatorVersion
teamspeaklt3.3.2

CPE	Name	Operator	Version
	teamspeak	lt	3.3.2

References

forum.teamspeak.com/threads/141134-Release-TeamSpeak-Client-3-3-2

r4p3.net/threads/teamkilled-new-teamspeak-crash.8144/

www.youtube.com/watch?v=PlVbPIs75D4