The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

vulnerability note 24664

Mail client: sender spoofing via Mailsploit

Synthesis of the vulnerability

An attacker can send an email with a special From header, which is truncated by some mail clients, in order to deceive the victim.
Impacted software: iOS by Apple, iPhone, Mac OS X, Notes, Office, Outlook, SeaMonkey, Thunderbird, Synology DSM.
Severity of this computer vulnerability: 3/4.
Consequences of an attack: disguisement.
Attacker's origin: document.
Creation date: 06/12/2017.
Références of this announce: CERTFR-2017-ALE-019, Mailsploit, MFSA-2017-30, Synology-SA-17:82, VIGILANCE-VUL-24664.

Description of the vulnerability

Messaging clients interpret the From header to display the sender name.

However, using a Base64 or Quoted Printable encoding, and '\0' or '\n' characters, an attacker can force the displayed email address to be truncated.

An attacker can therefore send an email with a special From header, which is truncated by some mail clients, in order to deceive the victim.
Full Vigil@nce bulletin... (Free trial)

Computer vulnerabilities tracking service

Vigil@nce provides a computers vulnerabilities watch. The Vigil@nce security watch publishes vulnerability bulletins about threats impacting the information system. The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system. Each administrator can customize the list of products for which he wants to receive vulnerability alerts.