Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2015-1574

Published: 15/02/2015 Updated: 09/10/2018
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

The Google Email application 4.2.2.0200 for Android allows remote malicious users to cause a denial of service (persistent application crash) via a "Content-Disposition: ;" header in an e-mail message.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

google email 4.2.2.0200

Exploits

Exploit DB: Google Email 4.4.2.0200 Denial Of Service
A bug in the stock Google email application version 4420200 has been found An attacker can remotely perform an denial of service attack by sending a specially crafted email No interaction from the user is needed to produce the crash just receive the malicious email ...

Recent Articles

This one weird script continually crashes Android email
The Register • Darren Pauli • 19 Feb 2015

Not reading email? No worries: this one can still take you down

The email application of Samsung Galaxy 4 Minis can be made to repeatedly crash with a simple email that need not even be opened, according to researcher Hector Marco. A crafted email gobbled up by the native email client running on Android 4.2.2.0400, a superseded operating system that was the latest stock offering for the S4 Mini. Marco did not specify if the bug also bites earlier Android versions, but if that is the case this flaw will impact a great many more users. Google estimates 52.4 pe...

Read more...

References

CWE-19http://openwall.com/lists/oss-security/2015/02/10/9http://hmarco.org/bugs/google_email_app_4.2.2_denial_of_service.htmlhttp://packetstormsecurity.com/files/130388/Google-Email-4.4.2.0200-Denial-Of-Service.htmlhttp://seclists.org/fulldisclosure/2015/Feb/58http://openwall.com/lists/oss-security/2015/02/12/15http://www.securityfocus.com/archive/1/534703/100/0/threadedhttps://nvd.nist.govhttps://www.theregister.co.uk/2015/02/19/this_script_will_continually_crash_email_in_samsung_4_minis/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316SQL injectiontype confusionCVE-2024-20697CVE-2024-4344localCVE-2024-30043CVE-2024-3821CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook