Published: 23/01/2017 Updated: 07/09/2017

CVSS v2 Base Score: 1.9 | Impact Score: 2.9 | Exploitability Score: 3.4

CVSS v3 Base Score: 4.8 | Impact Score: 3.4 | Exploitability Score: 1.3

VMScore: 195

Vector: AV:L/AC:M/Au:N/C:N/I:P/A:N

Valve Steam 3.42.16.13 uses weak permissions for the files in the Steam program directory, which allows local users to modify the files and possibly gain privileges as demonstrated by a Trojan horse Steam.exe file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
valvesoftware steamos

# Exploit Title: Valve Steam 3421613 Local Privilege Escalation # CVE-ID: CVE-2016-5237 # Date: 5/11/52016 # Exploit Author: gsX # Contact: gsx0rsec@gmailcom # Vendor Homepage: wwwvalvesoftwarecom/ # Software Link: storesteampoweredcom/about/ #Version: File Version 3421613, Built: Apr 29 2016, Steam API: v017, Steam packag ...

Valve Steam version 3421613 suffers from a local privilege escalation vulnerability ...

CWE-264 https://packetstormsecurity.com/files/137343/Valve-Steam-3.42.16.13-Local-Privilege-Escalation.html https://www.exploit-db.com/exploits/39888/https://nvd.nist.gov https://www.exploit-db.com/exploits/39888/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2016-5237

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect