BID:13085

KDE KMail HTML EMail Remote Email Content Spoofing Vulnerability

Info

KDE KMail HTML EMail Remote Email Content Spoofing Vulnerability

Bugtraq ID:	13085
Class:	Input Validation Error
CVE:	CVE-2005-0404
Remote:	Yes
Local:	No
Published:	Apr 11 2005 12:00AM
Updated:	Jul 12 2009 12:56PM
Credit:	Noam Rathaus is credited with the discovery of this issue.
Vulnerable:	KDE kmail 1.7.1 + KDE KDE 3.3.2 + KDE KDE 3.3.2

Not Vulnerable:

Discussion

KDE KMail HTML EMail Remote Email Content Spoofing Vulnerability

A remote email message content spoofing vulnerability affects KDE KMail. This issue is due to a failure of the application to properly sanitize HTML email messages.

An attacker may leverage this issue to spoof email content and various header fields of email messages. This may aid an attacker in conducting phishing and social engineering attacks by spoofing PGP keys as well as other critical information.

Exploit / POC

KDE KMail HTML EMail Remote Email Content Spoofing Vulnerability

No exploit is required to leverage this issue. The following proof of concept has been made available:

/data/vulnerabilities/exploits/kMailEmailSpoofingPoC.pl

Solution / Fix

KDE KMail HTML EMail Remote Email Content Spoofing Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.

References

KDE KMail HTML EMail Remote Email Content Spoofing Vulnerability

References:

Bug 96020: HTML Allows Spoofing of Emails Content (KDE)
KMail Home Page (KDE)