Vulnerabilities > CVE-2020-7949 - Unspecified vulnerability in Valvesoftware Dota 2 7.23E

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
valvesoftware
exploit available

Summary

schemasystem.dll in Valve Dota 2 before 7.23f allows remote attackers to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a crafted map is mishandled during a GetValue call.

Vulnerable Configurations

Part Description Count
Application
Valvesoftware
1

Exploit-Db

idEDB-ID:48031
last seen2020-02-10
modified2020-02-10
published2020-02-10
reporterExploit-DB
sourcehttps://www.exploit-db.com/download/48031
titleDota 2 7.23f - Denial of Service (PoC)

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/156268/dota2723f-dos.txt
idPACKETSTORM:156268
last seen2020-02-11
published2020-02-09
reporterBogdan Kurinnoy
sourcehttps://packetstormsecurity.com/files/156268/Dota-2-7.23f-Denial-Of-Service.html
titleDota 2 7.23f Denial Of Service