HomeAdvisoriesAirmail 3 for Mac

Airmail 3 for Mac

Incomplete Blacklist of Frame Owning Elements

Previous AdvisoryNext Advisory

CVE ID

CVE-2018-15669

Vendor

Bloop S.R.L.

Product

Airmail 3 for Mac

Product Version

3.5.9

Vulnerability Details

Airmail’s primary WebView instance implements "webView:decidePolicyForNavigationAction:request:frame:decisionListener:" such that requests from HTMLIFrameElements are blacklisted. However, other sub-classes of HTMLFrameOwnerElements are not forbidden by the policy. An attacker may abuse HTML Plug-In Elements within an email to trigger Frame navigation requests that bypass this filter.

Learn more

Vendor Response

No response.

Disclosure Timeline

06.08.2018
Vendor disclosure via email
13.08.2018
Vendor notified via Support Page
21.08.2018
Vendor notified of the advisory release

Previous AdvisoryNext Advisory

Threat Modeling: A Comprehensive Guide

Offensive Security

DevSecOps

IRM Services

Threat Intelligence

Envisions Geopolitical Threat Report:

By Industry

Chrome Exploitation: How to easily launch a Chrome RCE+SBX exploit chain with one command

Security Resources

Who We Are

Airmail 3 for Mac

CVE ID

Vendor

Product

Product Version

Vulnerability Details

Vendor Response

Disclosure Timeline