Vulnerabilities > CVE-2019-15943 - Out-of-bounds Write vulnerability in Valvesoftware Counter-Strike: Global Offensive
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
vphysics.dll in Counter-Strike: Global Offensive before 1.37.1.1 allows remote attackers to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a crafted map is mishandled during a memset call.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Common Weakness Enumeration (CWE)
Exploit-Db
| id | EDB-ID:47454 |
| last seen | 2019-10-02 |
| modified | 2019-09-18 |
| published | 2019-09-18 |
| reporter | Exploit-DB |
| source | https://www.exploit-db.com/download/47454 |
| title | Counter-Strike Global Offensive 1.37.1.1 - 'vphysics.dll' Denial of Service (PoC) |
References
- http://packetstormsecurity.com/files/154705/Counter-Strike-Global-Offensive-Code-Execution-Denial-Of-Service.html
- http://packetstormsecurity.com/files/154705/Counter-Strike-Global-Offensive-Code-Execution-Denial-Of-Service.html
- https://blog.counter-strike.net/index.php/category/updates/
- https://blog.counter-strike.net/index.php/category/updates/
- https://github.com/bi7s/CVE/blob/master/CVE-2019-15943/README.md
- https://github.com/bi7s/CVE/blob/master/CVE-2019-15943/README.md