A vulnerability has been discovered in Google’s wildly popular Stock Android Email App that attackers could exploit to remotely crash the application on your smartphone just by sending a specially crafted email.
A Spanish security researcher, Hector Marco, successfully exploited the vulnerability on his Samsung Galaxy S4 Mini running version 4.2.2.0200 of the Stock Android Email App. He said the flaw appears to affect all older versions of the app, though devices running 4.2.2.0400 and newer versions are not affected.
According to the researcher, when the victim receives the malicious email and tries to view it, the email app crashes. Each further attempt to open the email triggers another crash before the victim can do anything.
The flaw (CVE-2015-1574) is due to incorrect handling of the Content-Disposition header. An attacker could exploit the vulnerability by sending the targeted user an email with a malformed Content-Disposition header, which causes the email application to crash.
The only way to get rid of this crash issue is to remove the malicious email from the Stock Android Email App.
"Since the application crashes immediately, [and the] easiest and straightforward way to remove [the issue] is by using other email client (or via web) from the inbox at the email server," Marco explained in a blog post. "Another way is by disabling the internet connection (Airplane mode) before launching the email reader, and then you can remove the offending email."
However, removing the malicious email from the app’s inbox is only a temporary solution, because attackers can send as many malicious emails as they want, Marco noted.
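A server-side check for this class of input, as an added example (not Marco's PoC and not code from the original article): it flags MIME parts whose Content-Disposition value does not fit the RFC 2183 grammar, so a mail gateway can quarantine the message before a client fetches it. The article does not say what the malformation is, so the malformed samples are constructed, and the function names are hypothetical.

```python
import re
from email import message_from_string

# RFC 2183 / RFC 2045 grammar: disposition-type *( ";" attribute "=" value )
TOKEN = r'[^\s\x00-\x1f\x7f()<>@,;:\\"/\[\]?=]+'
QUOTED = r'"(?:[^"\\]|\\.)*"'
PARAM = rf'\s*;\s*{TOKEN}\s*=\s*(?:{TOKEN}|{QUOTED})'
DISPOSITION = re.compile(rf'\s*{TOKEN}(?:{PARAM})*\s*')


def malformed_dispositions(raw_message):
    """Return (part_index, header_value) for every Content-Disposition
    header in the message that does not match the grammar above."""
    msg = message_from_string(raw_message)
    findings = []
    for index, part in enumerate(msg.walk()):
        for value in part.get_all("Content-Disposition", []):
            unfolded = " ".join(str(value).split())  # undo header folding
            if not DISPOSITION.fullmatch(unfolded):
                findings.append((index, unfolded))
    return findings


def verdict(raw_message):
    """Hypothetical gateway policy: hold anything with a bad header."""
    return "quarantine" if malformed_dispositions(raw_message) else "deliver"


def sample(disposition):
    """Constructed two-part test message; only the header value varies."""
    return (
        "From: sender@example.com\r\n"
        "To: user@example.com\r\n"
        "Subject: constructed sample\r\n"
        "MIME-Version: 1.0\r\n"
        'Content-Type: multipart/mixed; boundary="b1"\r\n\r\n'
        "--b1\r\nContent-Type: text/plain\r\n\r\nhello\r\n"
        "--b1\r\nContent-Type: application/octet-stream\r\n"
        f"Content-Disposition: {disposition}\r\n\r\ndata\r\n--b1--\r\n"
    )


if __name__ == "__main__":
    for value in ('attachment; filename="report.pdf"',   # well-formed
                  "attachment filename=report.pdf",      # constructed: no ';'
                  'attachment; filename="unterminated'):  # constructed: open quote
        print(f"{verdict(sample(value)):10}  {value}")
```

The grammar check is strict, so on real traffic it is safer to start in log-only mode and review what it flags before quarantining.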
As a proof-of-concept (PoC) demonstration, Marco published Python exploit code on Tuesday and explained how sending a specially crafted email to a targeted user can crash the victim’s email application.
So far, there are no reports that Marco’s exploit also works on iOS or other platforms. But the vulnerability affects a majority of Android smartphone users, as this version of the Stock Email App from Google comes pre-installed on the official versions of Android.
It isn't clear whether the vulnerability has been reported to Google. Users can upgrade their Android email application to 4.2.2.0400 or higher in order to protect themselves, but only those users who have the option to upgrade.
Unfortunately, the upgrade is not possible on all Android versions. Marco said his current Samsung Galaxy S4 Mini was fully updated and is vulnerable to this attack, because no version higher than 4.2.2.0200 is available for his device.