Claris mail buffer over flow vulnerability

---------------------------------------------------------------------
Claris Emailer buffer over flow vulnerabirity

Problem first discoverd:2000.7.26
Discoverd by: awacs@hawkeye
Published: 2001.10.20
---------------------------------------------------------------------
Description:

Claris Emailer is mail client for Macintosh.
Development is already finished and maybe maintenance is not done.

This mail client have problem about enveloved file name handling,
buffer overflow occers when handle long file name.

When this client recieved mail, this save it in temporary folder,
and interpret file , do necessary process. Therefore, once evil
mail recieved, user gets impossible to use software so that a
similer problem occers again. If user want to use after problem,
(s)he deletes or revise evil mail on temprary folder.

Tested version Claris Emailer-J 2.0v1
Not tested other version.

Solution:
Change mail client.

Disclimer:
You will copy, distribute and publish this content,so long as you change nothing.


Return


Mail to me But no thank you spam mail. :-(