CVE-2016-5237

Name of the Vulnerable Software and Affected Versions Valve Steam version 3.42.16.13

Description The issue concerns weak permissions for files in the Steam program directory, allowing local users to modify these files and potentially gain privileges. This could be exploited, for example, by creating a Trojan horse Steam.exe file.

Recommendations For Valve Steam version 3.42.16.13, consider restricting access to the Steam program directory to prevent local users from modifying its files until a fix is available. As a temporary workaround, monitor the directory for any unauthorized changes, especially to the Steam.exe file.