CVE-2021-30481

Sažetak

Valve Steam through 2021-04-10, when a Source engine game is installed, allows remote authenticated users to execute arbitrary code because of a buffer overflow that occurs for a Steam invite after one click.

Reference

https://www.youtube.com/watch?v=rNQn--9xR1Q
https://news.ycombinator.com/item?id=26762170
https://twitter.com/the_secret_club/status/1380868759129296900
https://twitter.com/floesen_/status/1337107178096881666

CVSS

Base:	6.0
Impact:	6.4
Exploitability:	6.8

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:M/Au:S/C:P/I:P/A:P

Zadnje važnije ažuriranje

07-02-2022 - 19:09

Objavljeno

10-04-2021 - 19:15