The news is reported by TheHackerNews, that writes:
A Spain security researcher, Hector Marco, successfully exploited the vulnerability on his Samsung Galaxy S4 Mini running version 4.2.2.0200 of Stock Android Email App. He said the flaw appears to affect all older versions of Stock Android Email App, though devices running 4.2.2.0400 and newer versions are not affected. According to the researcher, when the victim receives the malicious email and tries to view it, the email app crashes. Further attempts to open the email again triggers a crash in the application before the victim can do anything.
On Marco’s blog, there is a good explanation of the vulnerability:
The bug appears because an incorrect handling of the Content-Disposition header. An incorrect Content-Disposition header causes the crash. The malformed header which produces the crash is:
According to RFC2183 the parameters are missing. The correct header shall look like:
Content-Disposition: attachment; filename=genome.jpeg;
and, about the exploit:
To successfully exploit this vulnerability the attacker only needs to send an email to the victim with an empty Content-Disposition followed by a semicolon.
Marco also has writes a simple python script to send malicious emails: crash_Android_Google_email_4.2.2.0200.py
- OpenSSL Security Advisory, 3rd May 2016: Patch, Patch ASAP!
- Mazar BOT campaign in Denmark and Italy
- BadLock: let's take stock of situation!
- Save the Date: on April 12, 2016 a critical security bug on Windows and Samba will be disclosed
- Two new threats for mobile users
- Ransomware written in PHP attacks blogs and CMS?