Moderately critical

Steam Client Chat Messages Handling Arbitrary Code Execution Vulnerability

-

Release Date:  2013-11-25    Views:  2,261

Secunia Advisory SA55846

Where:

You need to log in to view this

Impact:

You need to log in to view this

Solution Status:

You need to log in to view this

Software:

You need to log in to view this

CVE Reference(s):

You need to log in to view this

Description


A vulnerability has been reported in Steam, which can be exploited by malicious users to compromise a user's system


You need to log in to the Secunia Community to view the full description of this advisory

If you are not a member of the Secunia community, you can sign up here for free.

Do you have additional information related to this advisory?

Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this information to vuln@secunia.com

Subject: Steam Client Chat Messages Handling Arbitrary Code Execution Vulnerability

User Message
lafingman0 RE: Steam Client Chat Messages Handling Arbitrary Code Execution Vulnerability
Member 4th Dec, 2013 06:41
Score: 1
Posts: 5
User Since: 1st Jun 2010
System Score: N/A
Location: N/A
Last edited on 4th Dec, 2013 06:41
installed an update and still saying out of date
Was this reply relevant?
+0
-0
Maurice Joyce RE: Steam Client Chat Messages Handling Arbitrary Code Execution Vulnerability
Handling Contributor 4th Dec, 2013 11:04
Score: 11919
Posts: 9,131
User Since: 4th Jan 2009
System Score: N/A
Location: UK
I have just downloaded & installed on my test PC from this site http://store.steampowered.com/about

& it shows correctly in PSI as can be seen here: https://1ncuig.bn1301.livefilestore.com/y2p5yanv3b...

--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+2
-0
lafingman0 RE: Steam Client Chat Messages Handling Arbitrary Code Execution Vulnerability
Member 4th Dec, 2013 13:26
Score: 1
Posts: 5
User Since: 1st Jun 2010
System Score: N/A
Location: N/A
Last edited on 4th Dec, 2013 13:26
after an update through the program and twice from the site: http://puu.sh/5BNQc.png

that was the version installed but it wouldnt say it was up to date. now its fine for w/e reason. maybe i had to do a full can instead of an individual program scan.

thanks for checking though <3
Was this reply relevant?
+0
-0

-

You must be logged in to post a comment.