Описание
Valve Steam 3.42.16.13 uses weak permissions for the files in the Steam program directory, which allows local users to modify the files and possibly gain privileges as demonstrated by a Trojan horse Steam.exe file.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | steam client auto-updates |
| esm-apps/xenial | not-affected | steam client auto-updates |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [steam client auto-updates]] |
| precise | DNE | |
| trusty | not-affected | steam client auto-updates |
| trusty/esm | DNE | trusty was not-affected [steam client auto-updates] |
| upstream | needs-triage | |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| xenial | not-affected | steam client auto-updates |
Показывать по
Ссылки на источники
EPSS
1.9 Low
CVSS2
4.8 Medium
CVSS3
Связанные уязвимости
Valve Steam 3.42.16.13 uses weak permissions for the files in the Steam program directory, which allows local users to modify the files and possibly gain privileges as demonstrated by a Trojan horse Steam.exe file.
Valve Steam 3.42.16.13 uses weak permissions for the files in the Steam program directory, which allows local users to modify the files and possibly gain privileges as demonstrated by a Trojan horse Steam.exe file.
EPSS
1.9 Low
CVSS2
4.8 Medium
CVSS3