Vulnerabilities > CVE-2020-9005 - Out-of-bounds Write vulnerability in Valvesoftware Dota 2 20200217/7.23E/7.23F

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL

Summary

meshsystem.dll in Valve Dota 2 through 2020-02-17 allows remote attackers to achieve code execution or denial of service by creating a gaming server with a crafted map, and inviting a victim to this server. A GetValue call is mishandled.

Vulnerable Configurations

Part Description Count
Application
Valvesoftware
3

Common Weakness Enumeration (CWE)