This exploit demonstrates a denial-of-service (DoS) vulnerability in Steam by crafting a malformed 'serverbrowser_ui.vdf' file. The file contains a large buffer of 'A's followed by specific patterns ('BBBB', 'ZZZZ', and NOPs) designed to trigger an access violation in Steam's synchronization process.
Classification
Working Poc 95%
Target:
Steam (Latest, as of 2011)
Auth required
Prerequisites:
Access to the target's Steam installation directory · Valid Steam account credentials