Mail client: sender spoofing via Mailsploit
Synthesis of the vulnerability
An attacker can send an email with a special From header, which is truncated by some mail clients, in order to deceive the victim.
Impacted software: iOS by Apple, iPhone, Mac OS X, Notes, Office, Outlook, SeaMonkey, Thunderbird, Synology DSM.
Severity of this computer vulnerability: 3/4.
Consequences of an attack: sender disguise (spoofing).
Attacker's origin: document.
Creation date: 06/12/2017.
References of this bulletin: CERTFR-2017-ALE-019, Mailsploit, MFSA-2017-30, Synology-SA-17:82, VIGILANCE-VUL-24664.
Description of the vulnerability
Mail clients parse the From header to display the sender name.
However, by encoding the header in Base64 or Quoted-Printable and embedding '\0' or '\n' characters, an attacker can force the displayed email address to be truncated.
An attacker can therefore send an email with a special From header, which is truncated by some mail clients, in order to deceive the victim.
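As an added example (not part of the Vigil@nce bulletin), the following Python check decodes the RFC 2047 encoded-words of a From header and flags the control characters the bulletin describes, reporting the prefix a truncating client would show next to the full decoded value. The function names and the sample headers are constructed here for illustration and are not taken from the bulletin.

```python
import base64
from email.header import decode_header


# C0 control characters other than TAB: NUL, CR and LF are the ones Mailsploit
# relies on, but nothing else in this range belongs in a decoded From header.
def _is_control(c: str) -> bool:
    return ord(c) < 0x20 and c != "\t"


def decode_from_header(raw: str) -> str:
    """Decode every RFC 2047 encoded-word (B or Q form) in a From header value
    and return the text a client works with after decoding."""
    parts = []
    for chunk, charset in decode_header(raw):
        if isinstance(chunk, bytes):
            chunk = chunk.decode(charset or "ascii", errors="replace")
        parts.append(chunk)
    return "".join(parts)


def check_from_header(raw: str) -> dict:
    """Flag a From header whose decoded form carries control characters.

    Returns the decoded text, the offending characters (as \\xNN escapes) and
    the prefix a truncating client would display, so an analyst can compare
    what the victim would see with what the header really contains."""
    decoded = decode_from_header(raw)
    found = sorted({f"\\x{ord(c):02x}" for c in decoded if _is_control(c)})
    cut = next((i for i, c in enumerate(decoded) if _is_control(c)), len(decoded))
    return {
        "decoded": decoded,
        "suspicious": bool(found),
        "control_chars": found,
        "truncated_view": decoded[:cut],
    }


def scan_headers(headers):
    """Run the check over a list of raw From values and return the flagged ones."""
    results = [(raw, check_from_header(raw)) for raw in headers]
    return [(raw, r) for raw, r in results if r["suspicious"]]


# Constructed sample headers (not from the bulletin): two benign forms and two
# that hide a NUL / LF inside an encoded-word, in the shape the bulletin describes.
SAMPLE_HEADERS = [
    "Alice <alice@example.com>",
    "=?utf-8?b?QWxpY2U=?= <alice@example.com>",
    "=?utf-8?b?"
    + base64.b64encode(b"alice@example.com\x00").decode("ascii")
    + "?= <mailbox@example.net>",
    "=?utf-8?q?alice=40example.com=00=0A?= <mailbox@example.net>",
]

if __name__ == "__main__":
    for raw in SAMPLE_HEADERS:
        r = check_from_header(raw)
        flag = "SUSPICIOUS" if r["suspicious"] else "ok"
        print(f"{flag:10} {raw!r}")
        if r["suspicious"]:
            print(f"           victim may see: {r['truncated_view']!r}")
            print(f"           full decoded:   {r['decoded']!r}")
```

The check works on the decoded value rather than the raw header because the control characters are only visible once the Base64 or Quoted-Printable encoding is undone; a gateway or mail client that rejects or neutralises such headers after decoding, and displays the full address alongside the name, removes the truncation the bulletin relies on.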