Lucene search
MitreCVE-2015-7985HistoryNov 24, 2015 - 8:59 p.m.
CVE-2015-7985
2015-11-2420:59:16
CWE-276
mitre
web.nvd.nist.gov
28
valve
steam
weak permissions
install folder
local users
privileges
trojan horse
nvd
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.7
Confidence
Low
EPSS
0.001
Percentile
41.9%
Valve Steam 2.10.91.91 uses weak permissions (Users: read and write) for the Install folder, which allows local users to gain privileges via a Trojan horse steam.exe file.
Affected configurations
Node
valvesoftwaresteam_clientMatch2.10.91.91
| Vendor | Product | Version | CPE |
|---|---|---|---|
| valvesoftware | steam_client | 2.10.91.91 | cpe:2.3:a:valvesoftware:steam_client:2.10.91.91:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2015-7985
2015-11-24 20:00:00
exploitdb
exploitdb
Steam 54/894 - Local Privilege Escalation
2009-08-07 00:00:00
prion
prion
Code injection
2015-11-24 20:59:00
ubuntucve
ubuntucve
CVE-2015-7985
2015-11-24 00:00:00
debiancve
debiancve
CVE-2015-7985
2015-11-24 20:59:16
nvd
nvd
CVE-2015-7985
2015-11-24 20:59:16
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.7
Confidence
Low
EPSS
0.001
Percentile
41.9%
Related for CVE-2015-7985