7 matches found
CVE-2021-33879
Tencent GameLoop before 4.1.21.90 downloaded updates over an insecure HTTP connection. A malicious attacker in an MITM position could spoof the contents of an XML document describing an update package, replacing a download URL with one pointing to an arbitrary Windows executable. Because the only...
EUVD-2021-20553
Malware in sbrugna...
CVE-2021-33879
Tencent GameLoop before 4.1.21.90 downloaded updates over an insecure HTTP connection. A malicious attacker in an MITM position could spoof the contents of an XML document describing an update package, replacing a download URL with one pointing to an arbitrary Windows executable. Because the only...
Design/Logic Flaw
Tencent GameLoop before 4.1.21.90 downloaded updates over an insecure HTTP connection. A malicious attacker in an MITM position could spoof the contents of an XML document describing an update package, replacing a download URL with one pointing to an arbitrary Windows executable. Because the only...
CVE-2021-33879
Tencent GameLoop before 4.1.21.90 downloaded updates over an insecure HTTP connection. A malicious attacker in an MITM position could spoof the contents of an XML document describing an update package, replacing a download URL with one pointing to an arbitrary Windows executable. Because the only...
CVE-2021-33879
Tencent GameLoop before 4.1.21.90 downloads updates over HTTP, enabling MITM tampering of the update package XML. An attacker could replace the download URL with a path to an arbitrary Windows executable; the only integrity check is an MD5 comparison with the XML, allowing the executable to run o...
Tencent GameLoop 安全漏洞
Tencent GameLoop is an Android emulator from Tencent, a Chinese company. It enables players to play Android games on their computers. Tencent GameLoop before 4.1.21.90 suffers from a security vulnerability that originates from a malicious attacker in the MITM position that can be exploited to spo...