[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] Critical issues affecting Steam users

To: bugtraq@xxxxxxxxxxxxxxxxx, full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] Critical issues affecting Steam users
From: ReVuln <info@xxxxxxxxxx>
Date: Mon, 15 Oct 2012 20:25:52 +0200

We have just released a paper [1], in which we prove that the current
implementation of the Steam Browser Protocol handling mechanism is an
excellent attack vector to exploit local issues in a remote fashion.

Steam [2] is the biggest gaming related digital delivery platform with
an audience of more than 50 million people and supporting several
different platforms including Windows, Mac OS and Linux.

A demonstrating video [3] is available.

[1] http://revuln.com/files/ReVuln_Steam_Browser_Protocol_Insecurity.pdf
[2] http://steampowered.com
[3] http://vimeo.com/51438866


---
ReVuln
http://revuln.com
http://twitter.com/revuln



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: [Full-disclosure] Visual Tools DVR multiple vulnerabilities
Next by Date: Re: [Full-disclosure] Is it OK to hold credit card numbers in cookies? Santander?
Previous by thread: [Full-disclosure] Visual Tools DVR multiple vulnerabilities
Next by thread: Re: [Full-disclosure] Is_it_OK_to_hold_credit_card_numbers_ in_cookies?_Santander?
Index(es):
- Date
- Thread