Valve Steam 3.42.16.13 uses weak permissions for the files in the Steam program directory, which allows local users to modify the files and possibly gain privileges as demonstrated by a Trojan horse Steam.exe file.
References
Link | Resource |
---|---|
https://packetstormsecurity.com/files/137343/Valve-Steam-3.42.16.13-Local-Privilege-Escalation.html | Exploit Third Party Advisory VDB Entry |
https://www.exploit-db.com/exploits/39888/ |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2017-01-23T21:00:00
Updated: 2017-09-06T09:57:02
Reserved: 2016-06-02T00:00:00
Link: CVE-2016-5237
JSON object: View
NVD Information
Status : Modified
Published: 2017-01-23T21:59:01.690
Modified: 2017-09-07T01:29:03.760
Link: CVE-2016-5237
JSON object: View
Redhat Information
No data.
CWE