Valve: Malformed map detailed texture files in GoldSrc games lead to Remote Code Execution
A crafted map detailed texture file maps/detail.txt can be used to exploit a stack overflow vulnerability in hw.dll that can lead to remote code execution. Reproduction I used Counter-Strike for PoCs. Using a listen server - Place attached csassaultdetail.txt in cstrike/maps folder - Start the ga...