# Hacking: Crashing Google Email App for Android Just By Sending a Malicious Email
A vulnerability has been discovered in Google's widely used Stock Android Email App
that could be exploited by malicious attackers to remotely crash the
smartphone application just by sending a specially crafted email.
Spanish security researcher Hector Marco successfully exploited
the vulnerability on his Samsung Galaxy S4 Mini running version
4.2.2.0200 of the Stock Android Email App. He said the flaw appears to
affect all older versions of the Stock Android Email App, while devices
running 4.2.2.0400 and newer versions are not affected.
According to the researcher, when the victim receives the malicious
email and tries to view it, the email app crashes. Further attempts to
open the email trigger the crash again before the victim can do anything.
The flaw (CVE-2015-1574) is due to incorrect handling of the Content-Disposition header.
Attackers could exploit the vulnerability by sending an email with a
malformed Content-Disposition header to the targeted user in order to
cause the email application to crash.
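The underlying bug class is a header parser that aborts, and takes the whole app down, when it meets a value it did not expect. As an added illustration (not the app's code and not Marco's PoC), the parser below handles Content-Disposition defensively: a missing or unknown disposition type, an unterminated quote or a path-like filename all degrade to a safe result instead of raising. The sample headers are constructed for the example.

```python
import re

# RFC 2045 "token" characters: printable ASCII minus space and tspecials.
_TOKEN = r"[!#$%&'*+\-.0-9A-Z^_`a-z{|}~]+"
_TYPE_RE = re.compile(r"\s*(" + _TOKEN + r")\s*")
_PARAM_RE = re.compile(
    r"\s*(" + _TOKEN + r")\s*=\s*(?:\"((?:[^\"\\]|\\.)*)\"|(" + _TOKEN + r"))\s*"
)


def parse_content_disposition(value):
    """Parse a Content-Disposition header value defensively.

    Returns (disposition, params) and never raises on attacker-controlled
    input: a missing or unrecognised disposition type degrades to
    "attachment" (the RFC 2183 rule for unknown types), a malformed
    parameter ends parsing but keeps what was already parsed, and a
    filename is reduced to its last path component.
    """
    if not isinstance(value, str):
        return "attachment", {}
    m = _TYPE_RE.match(value)
    if m is None:
        return "attachment", {}  # empty value or leading junk such as ";"
    disposition = m.group(1).lower()
    if disposition not in ("inline", "attachment"):
        disposition = "attachment"
    params = {}
    pos = m.end()
    while pos < len(value) and value[pos] == ";":
        pm = _PARAM_RE.match(value, pos + 1)
        if pm is None:
            break  # malformed parameter (e.g. unterminated quote): stop here
        name = pm.group(1).lower()
        if pm.group(2) is not None:
            val = re.sub(r"\\(.)", r"\1", pm.group(2))  # undo quoted-pair escapes
        else:
            val = pm.group(3)
        if name == "filename":
            # Keep only the basename so a crafted name cannot escape the download dir
            val = val.replace("\\", "/").rsplit("/", 1)[-1] or "attachment"
        params.setdefault(name, val)  # first occurrence of a parameter wins
        pos = pm.end()
    return disposition, params


if __name__ == "__main__":
    # Constructed sample headers: well-formed, empty, and deliberately broken
    for hdr in ['attachment; filename="report.pdf"', "", ";", 'inline; filename="x']:
        print(repr(hdr), "->", parse_content_disposition(hdr))
```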
The only way to get rid of this crash issue is to remove the malicious email from the Stock Android Email App.
"Since the application crashes immediately, [and the] easiest and straightforward way to remove [the issue] is by using other email client (or via web) from the inbox at the email server," Marco explained in a blog post. "Another way is by disabling the internet connection (Airplane mode) before launching the email reader, and then you can remove the offending email."
However, removing the malicious email from the app's inbox is only a
temporary solution, because attackers can send as many malicious
emails as they want, Marco noted.
As a proof-of-concept (PoC) demonstration, Marco published Python exploit code on Tuesday and explained how sending a specially crafted email to a targeted user crashes the victim's email application.
So far, there are no reports that Marco's exploit also works against iOS or
other platforms. But the vulnerability affects a majority of
Android smartphone users, as Google's Stock Email App
comes pre-installed on official versions of Android.
It isn't clear whether the vulnerability has been reported to Google.
Users can upgrade their Android email application to 4.2.2.0400 or
higher in order to protect themselves, but only if their device offers
that upgrade.
Unfortunately, upgrading is not possible on all Android versions.
Marco said his own Samsung Galaxy S4 Mini was fully updated and is still
vulnerable to this attack, because no version higher than 4.2.2.0200 is
available for his device.