TeamSpeak Client Arbitrary Command Execution Vulnerability (Win) Network Vulnerability

Summary

This host is installed with TeamSpeak client and is prone to arbitrary command execution vulnerability.

Impact

Successful exploitation could allow an attacker to execute arbitrary code in the context of the user running the application. Impact Level: Application.

Solution

Upgrade to the Teamspeak 3 or later For updates refer to http://www.tsviewer.com/index.php?page=teamspeak

Insight

The specific flaw exists within the 'TeamSpeak.exe' module, teardown procedure responsible for freeing dynamically allocated application handles.

Affected

Teamspeak 2 version 2.0.32.60

References

http://archives.free.net.ph/message/20101028.062014.2328daac.ja.html
http://seclists.org/fulldisclosure/2010/Oct/439
http://www.nsense.fi/advisories/nsense_2010_002.txt

Updated on 2015-03-25

Severity

Classification

CVSS Base Score: 4.0
AV:N/AC:H/Au:N/C:P/I:P/A:N

Related Vulnerabilities

AVG Anti-Virus 'hcp://' Protocol Handler Remote Code Execution Vulnerability
CA Gateway Security Remote Code Execution Vulnerability
Apple Safari 'setInterval()' Address Bar Spoofing Vulnerability (Win)
Adobe Flash Player Multiple Security Bypass Vulnerabilities - 01 Feb14 (Mac OS X)
Apache Tomcat Remote Code Execution Vulnerability - Sep14

TeamSpeak Client Arbitrary command execution vulnerability (Win)

Take action and discover your vulnerabilities