Vulnerabilities > CVE-2020-7949 - Unspecified vulnerability in Valvesoftware Dota 2 7.23E

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

valvesoftware

exploit available

NVD

Published: 2020-01-27

Updated: 2024-11-21

Summary

schemasystem.dll in Valve Dota 2 before 7.23f allows remote attackers to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a crafted map is mishandled during a GetValue call.

Vulnerable Configurations

Part	Description	Count
Application	Valvesoftware Valvesoftware Dota 2 7.23E	1

Exploit-Db

id	EDB-ID:48031
last seen	2020-02-10
modified	2020-02-10
published	2020-02-10
reporter	Exploit-DB
source	https://www.exploit-db.com/download/48031
title	Dota 2 7.23f - Denial of Service (PoC)

Packetstorm

data source	https://packetstormsecurity.com/files/download/156268/dota2723f-dos.txt
id	PACKETSTORM:156268
last seen	2020-02-11
published	2020-02-09
reporter	Bogdan Kurinnoy
source	https://packetstormsecurity.com/files/156268/Dota-2-7.23f-Denial-Of-Service.html
title	Dota 2 7.23f Denial Of Service

Summary

Vulnerable Configurations

Exploit-Db

Packetstorm

References