CVE-2019-15943

vphysics.dll in Counter-Strike: Global Offensive before 1.37.1.1 allows remote attackers to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a crafted map is mishandled during a memset call.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.8 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 95%
VendorProductVersion
valvesoftwarecounter-strike\
𝑥
< 1.37.1.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://packetstormsecurity.com/files/154705/Counter-Strike-Global-Offensive-Code-Execution-Denial-Of-Service.html
https://blog.counter-strike.net/index.php/category/updates/
https://github.com/bi7s/CVE/blob/master/CVE-2019-15943/README.md
http://packetstormsecurity.com/files/154705/Counter-Strike-Global-Offensive-Code-Execution-Denial-Of-Service.html
https://blog.counter-strike.net/index.php/category/updates/
https://github.com/bi7s/CVE/blob/master/CVE-2019-15943/README.md