Crashing Someone’s Google Email App for Android Just by Sending an Email



A vulnerability has been discovered in Google’s wildly popular Stock Android Email App that malicious attackers could exploit to remotely crash the application on your smartphone just by sending a specially crafted email.

Android version 4.2.2 and newer versions are not affected

A Spanish security researcher, Hector Marco, successfully exploited the vulnerability on his Samsung Galaxy S4 Mini running version of Stock Android Email App. He said the flaw appears to affect all older versions of Stock Android Email App, though devices running and newer versions are not affected.

According to the researcher, when the victim receives the malicious email and tries to view it, the email app crashes. Further attempts to open the email again trigger a crash in the application before the victim can do anything.


The flaw (CVE-2015-1574) is due to incorrect handling of the Content-Disposition header. Hackers could exploit the vulnerability by sending an email with a malformed Content-Disposition header to the targeted user, causing the email application to crash.
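A defensive check for the header involved in this flaw, as an added example that is not from the article or from Marco's PoC: it validates every Content-Disposition header in an inbound message against the RFC 2183 grammar, so a mail gateway can flag nonconforming ones before a client parses them. The article does not describe the exact malformation, so the check flags any header that fails the grammar; the function name and the sample messages are assumptions constructed for illustration.

```python
import email
import re

# RFC 2045 token: any character except SPACE, CTLs, non-ASCII and tspecials.
TOKEN = r"[^\x00-\x20\x7f-\U0010ffff()<>@,;:\\\"/\[\]?=]+"
QUOTED = r'"(?:[^"\\\r\n]|\\.)*"'
# RFC 2183: disposition-type *( ";" attribute "=" value )
DISPOSITION = re.compile(
    rf"\s*{TOKEN}\s*(?:;\s*{TOKEN}\s*=\s*(?:{TOKEN}|{QUOTED})\s*)*\Z"
)


def malformed_dispositions(raw: bytes):
    """Return (part_index, value) for each header that fails the grammar."""
    findings = []
    msg = email.message_from_bytes(raw)
    for idx, part in enumerate(msg.walk()):
        for value in part.get_all("Content-Disposition", []):
            # Unfold continuation lines before matching.
            unfolded = re.sub(r"\r?\n[ \t]+", " ", str(value))
            if not DISPOSITION.match(unfolded):
                findings.append((idx, unfolded))
    return findings


# Constructed sample messages (not taken from the article or the PoC).
SAMPLE_OK = (
    b"From: a@example.test\r\nTo: b@example.test\r\nSubject: report\r\n"
    b"MIME-Version: 1.0\r\n"
    b'Content-Type: multipart/mixed; boundary="b1"\r\n\r\n'
    b"--b1\r\nContent-Type: text/plain\r\n\r\nhello\r\n"
    b"--b1\r\nContent-Type: application/pdf\r\n"
    b'Content-Disposition: attachment; filename="q3 report.pdf"\r\n\r\n'
    b"%PDF-\r\n--b1--\r\n"
)
# Same message with the closing quote of the filename removed.
SAMPLE_BAD = SAMPLE_OK.replace(b'report.pdf"', b"report.pdf")

if __name__ == "__main__":
    for name, raw in (("ok", SAMPLE_OK), ("bad", SAMPLE_BAD)):
        print(name, malformed_dispositions(raw))
```
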

Proof of concept

For a proof-of-concept (PoC) demonstration, Marco published Python exploit code on Tuesday and explained how sending a specially crafted email to a targeted user can crash the victim’s email application.
So far, there are no reports that Marco’s exploit also works on iOS or other platforms. But the vulnerability affects a majority of Android smartphone users, as the version of Stock Email App from Google comes pre-installed on the official versions of Android.


It isn’t clear whether the vulnerability has been reported to Google. Users can upgrade their email Android application to or higher in order to protect themselves, but only those users who have the option to upgrade.
Unfortunately, upgrading is not possible on all Android versions. Marco said his current Samsung Galaxy 4 mini was fully updated and is vulnerable to this attack, because no higher versions to are available for his device.