Apple Mail.app mail拒绝服务漏洞

Mail.app是Apple的Mac OS X操作系统中自带的电子邮件程序。 Mail.app电子邮件客户端在实现上存在拒绝服务漏洞，通过发送大于2023 MIME的附件到邮件客户端，在解析时可造成其崩溃。 Apple Mac OS X 10.7.2 Apple Mail 5.1 厂商补丁： Apple ----- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://support.apple.com/ !/usr/bin/env python Mail of death for Apple's Mail.app Tested &...

CVE-2008-4491

Apple Mail.app 3.5 on Mac OS X, when "Store draft messages on the server" is enabled, stores draft copies of S/MIME email in plaintext on the email server, which allows server owners and remote man-in-the-middle attackers to read sensitive mail...

[ENABLESECURITY] Apple's Mail.app stores your S/MIME encrypted emails in clear text

Just published the below advisory describing an issue with Mail.app and a solution. I comment on the flaw on my blog: http://enablesecurity.com/2008/10/03/apple-mailapp-security-advisory/ An up to date version of the advisory can be found:...