Mail.ru: При передаче в ID сообщения нулевого байта, происходит вывод какого-то буфера.

2017-08-01T14:22:24
ID H1:255510
Type hackerone
Reporter bytehope
Modified 2017-12-29T08:01:43

Description

Memory leak due to invalid NUL-byte processing (aka "poison NULL byte" problem) on message reading via crafted message id allowed to read a portion of server's heap memory at uncontrolled location. This portion could potentially contain sensitive data.