Mailsploit.com exploits pack vulnerability
Hello dear mr. Yamamoto,
recently I see related issue on K-9 Mail tracker, https://github.com/k9mail/k-9/issues/2962.
Seems that Sylpheed have some problems. Please take a look on the screenshot attached.
3.5 & 3.6 Linux versions are tested.
Updated by Hiroyuki Yamamoto almost 5 years ago
I have just chedked that, and I can say that Sylpheed is NOT exploitable by this exploits.
If you open the messages, you can easily detect the spoofing by looking From (see the attached screenshot),
not like the example on the page: https://www.mailsploit.com/index
Sylpheed just ignores or replaces the Q-encoded nul character or newline (=?utf-8?Q?=00?=) (=?utf-8?Q?=0A=00?=),
so the actual domain part will not be hidden.
The From column of the summary view only displays display-name part,
so you shouldn't judge only by the information.
Updated by seo mind about 1 month ago
It is perfect time to make some plans for the future and it is time to be happy. I’ve read this post and if I could I desire to suggest you few interesting things or tips. Perhaps you could write next articles referring to this article. I want to read more things about it! Anthony Morrison's Review