Buffer overflow in Valve Software Source Sdk (Source-sdk-2013)

CVE-2017-20205

Valve's Source SDK (source-sdk-2013)'s ragdoll model parsing logic contains a stack-based buffer overflow vulnerability.The tokenizer function `nexttoken` copies characters from an input string into a fixed-size stack buffer without perfor…

Vulnerability class: Buffer Overflow

EPSS: 0.006 (45.7th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References