[Users] [Bug 3557] New: Remotely exploitable bug.

[noreply at thewildbeast.co.uk]

http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=3557

            Bug ID: 3557
           Summary: Remotely exploitable bug.
    Classification: Unclassified
           Product: Claws Mail
           Version: GIT
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: critical
          Priority: P3
         Component: Other
          Assignee: users at lists.claws-mail.org
          Reporter: drwhax at riseup.net

Hi,

I'm a Tails(https://tails.boum.org/) contributor, yesterday, we came across
anonymous posts on an image board where people were dropping bugs on Tails or
software we ship. Apparantly, Claws might be affected.

So in codeconv.c there is a function for japanese character set conversion
called conv_jistoeuc().  There is no bounds checking on the output buffer,
which is created on the stack with alloca().  

Bug can be triggered by sending an email to TAILS_luser at riseup.net or whatever.

Since my C is completely rusty, you might be able to make a better judgement on
the severity of this issue. Marking critical for now.

-- 
You are receiving this mail because:
You are the assignee for the bug.