Moderately critical

Steam Client Chat Messages Handling Arbitrary Code Execution Vulnerability

-

Release Date:  2013-11-25    Views:  2,284

Secunia Advisory SA55846

Where:

Log in with your Secunia community profile. If you are an IT security professional, request a trial of the Secunia VIM.

Impact:

Log in with your Secunia community profile. If you are an IT security professional, request a trial of the Secunia VIM.

Solution Status:

Log in with your Secunia community profile. If you are an IT security professional, request a trial of the Secunia VIM.

Software:

Log in with your Secunia community profile. If you are an IT security professional, request a trial of the Secunia VIM.

CVE Reference(s):

Log in with your Secunia community profile. If you are an IT security professional, request a trial of the Secunia VIM.

Description


A vulnerability has been reported in Steam, which can be exploited by malicious users to compromise a user's system


Log in with your Secunia community profile to view the full description of this Advisory. If you are an IT security professional, request a trial of the Secunia VIM.

If you are not a member of the Secunia community, you can sign up here for free.

Do you have additional information related to this advisory?

Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this information to vuln@secunia.com

Subject: Steam Client Chat Messages Handling Arbitrary Code Execution Vulnerability

User Message
lafingman0 RE: Steam Client Chat Messages Handling Arbitrary Code Execution Vulnerability
Member 4th Dec, 2013 06:41
Score: 1
Posts: 5
User Since: 1st Jun 2010
System Score: N/A
Location: N/A
Last edited on 4th Dec, 2013 06:41
installed an update and still saying out of date
Was this reply relevant?
+0
-0
Maurice Joyce RE: Steam Client Chat Messages Handling Arbitrary Code Execution Vulnerability
Handling Contributor 4th Dec, 2013 11:04
Score: 11922
Posts: 9,136
User Since: 4th Jan 2009
System Score: N/A
Location: UK
I have just downloaded & installed on my test PC from this site http://store.steampowered.com/about

& it shows correctly in PSI as can be seen here: https://1ncuig.bn1301.livefilestore.com/y2p5yanv3b...

--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+2
-0
lafingman0 RE: Steam Client Chat Messages Handling Arbitrary Code Execution Vulnerability
Member 4th Dec, 2013 13:26
Score: 1
Posts: 5
User Since: 1st Jun 2010
System Score: N/A
Location: N/A
Last edited on 4th Dec, 2013 13:26
after an update through the program and twice from the site: http://puu.sh/5BNQc.png

that was the version installed but it wouldnt say it was up to date. now its fine for w/e reason. maybe i had to do a full can instead of an individual program scan.

thanks for checking though <3
Was this reply relevant?
+0
-0

-

You must be logged in to post a comment.