|CVSS SCORE||6.5, (AV:N/AC:L/Au:S/C:P/I:P/A:P)|
The specific flaw exists within the handling of user to user messages in the Steam client. An attacker can exploit this vulnerability by sending a malformed message to another Steam user via the Steam service. This can result in arbitrary code execution in the context of the Steam client.
Valve has issued an update to correct this vulnerability. More details can be found at: