CVE-2019-17180: Path Traversal
First published: Fri Oct 04 2019(Updated: )
Valve Steam Client before 2019-09-12 allows placing or appending partially controlled filesystem content, as demonstrated by file modifications on Windows in the context of NT AUTHORITY\SYSTEM. This could lead to denial of service, elevation of privilege, or unspecified other impact.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Steam Client | <2019-09-12 | |
| Microsoft Windows Operating System |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2019-17180?
CVE-2019-17180 is a vulnerability in Valve Steam Client that allows placing or appending partially controlled filesystem content, leading to denial of service, elevation of privilege, or unspecified other impact.
How severe is CVE-2019-17180?
CVE-2019-17180 has a severity value of 7.8, which is considered high.
How does CVE-2019-17180 affect Valve Steam Client?
CVE-2019-17180 affects Valve Steam Client versions before 2019-09-12 by allowing the placement or appending of partially controlled filesystem content.
Does CVE-2019-17180 affect Microsoft Windows?
No, CVE-2019-17180 does not affect Microsoft Windows.
Is there a fix for CVE-2019-17180?
Yes, updating Valve Steam Client to version 2019-09-12 or later will fix CVE-2019-17180.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/references
- agent/author
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/valvesoftware
- canonical/steam client
- vendor/microsoft
- canonical/microsoft windows operating system