RSS   Vulnerabilities for 'Bluestacks'   RSS

2019-09-24
 
CVE-2019-14220

CWE-200
 

 
An issue was discovered in BlueStacks 4.110 and below on macOS and on 4.120 and below on Windows. BlueStacks employs Android running in a virtual machine (VM) to enable Android apps to run on Windows or MacOS. Bug is in a local arbitrary file read through a system service call. The impacted method runs with System admin privilege and if given the file name as parameter returns you the content of file. A malicious app using the affected method can then read the content of any system file which it is not authorized to read

 
2018-11-15
 
CVE-2018-0701

CWE-noinfo
 

 
BlueStacks App Player (BlueStacks App Player for Windows 3.0.0 to 4.31.55, BlueStacks App Player for macOS 2.0.0 and later) allows an attacker on the same network segment to bypass access restriction to gain unauthorized access.

 
2017-01-06
 
CVE-2016-4288

 

 
A local privilege escalation vulnerability exists in BlueStacks App Player. The BlueStacks App Player installer creates a registry key with weak permissions that allows users to execute arbitrary programs with SYSTEM privileges.

 

 >>> Vendor: Bluestacks 2 Products
Bluestacks
Bluestacks app player


Copyright 2024, cxsecurity.com

 

Back to Top