{"vulnerability": "CVE-2020-6017", "sightings": [{"uuid": "9f6e4eed-cd38-4db6-8828-ba4167913b1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-6017", "type": "seen", "source": "https://t.me/cibsecurity/17083", "content": "\u203c CVE-2020-6017 \u203c\n\nValve's Game Networking Sockets prior to version v1.2.0 improperly handles long unreliable segments in function SNP_ReceiveUnreliableSegment() when configured to support plain-text messages, leading to a Heap-Based Buffer Overflow and resulting in a memory corruption and possibly even a remote code execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-03T16:56:06.000000Z"}, {"uuid": "4a647400-63c0-4f7c-82bf-5a485b1b8fe3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-6017", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/2270", "content": "Finding and Exploiting Bugs in Game Engines:\n1. Finding vulnerabilities in Valve\u2019s \"Steam Sockets\" (CVE-2020-6016, CVE-2020-6017, CVE-2020-6018, CVE-2020-6019)\nhttps://research.checkpoint.com/2020/game-on-finding-vulnerabilities-in-valves-steam-sockets/\n2. Exploiting a WebKit 0-day in PlayStation 4\nhttps://www.synacktiv.com/publications/this-is-for-the-pwners-exploiting-a-webkit-0-day-in-playstation-4.html", "creation_timestamp": "2020-12-13T21:28:16.000000Z"}]}