Malicious Email Used To Crash Google Gmail App In Android
A new vulnerability in the popular Google’s Stock Android Email App has been discovered recently.This vulnerability could crash your smartphone application just by sending a malicious email.
Hector Marco,a Spain security researcher successfully exploited the vulnerability on his Samsung Galaxy S4 Mini running version 4.2.2.0200 of Stock Android Email App. The flaw appears to affect all older versions of Stock Android Email App, though devices running 4.2.2.0400 and newer versions are not affected.When the user receives the malicious email and tries to view it, the email app crashes,he added.
The flaw (CVE-2015-1574) is due to incorrect handling of the Content-Disposition header. Hackers could exploit the vulnerability by sending an email with a malformed Content-Disposition header to the targeted user in order to cause email application crash.
Comments
Post a Comment