Counter-Strike Global Offensive (vphysics.dll) versions prior to 1.37.1.1 allow remote attackers to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, using a crafted map that causes memory corruption.