Airmail 3 for Mac Advisory:EventHandler Race Condition: CVE-2018-15670

Home | Research | Resources | Advisories | Airmail 3 for Mac

Airmail 3 for Mac

EventHandler Race Condition

CVE ID

CVE-2018-15670

VENDOR

Bloop S.R.L.

PRODUCT

Airmail 3 for Mac

Product version

3.5.9

Vulnerability Details

Airmail's primary WebView instance implements "webView:decidePolicyForNavigationAction:request:frame:decisionListener:" such that "OpenURL" is the default URL handler. A navigation request is processed by the default URL handler only if the "currentEvent" is "NX_LMOUSEUP" or "NX_OMOUSEUP". An attacker may abuse HTML Elements with an EventHandler for a chance to validate navigation requests for URLs that are processed during the "NX_LMOUSEUP" event triggered by clicking an email.

Learn More →

Vendor response

No response.

Disclosure timeline

08-06-2018 - Vendor disclosure via email
08-13-2018 - Vendor notified via Support Page
08-21-2018 - Vendor notified of the advisory release

Understanding Google Cloud Platform (GCP) Concepts

Blog Post

Web App Security

In previous posts, we have covered security around Azure and AWS cloud solutions and now it’s time to look at the third big contestant, Google Cloud Platform.

NTML Passwords Insecure

Blog Post

Password Management

Hashcat is the world’s fastest and most advanced password recovery utility. This software on its 6.0.0 beta version can now crack an eight-character Windows NTLM password hash under 2 hours 30 minutes.

Critical Vulnerability in WordPress Core

Blog Post

Web App Security

Security researchers at RIPS Technologies GmbH have published research about a critical remote command execution (RCE) in WordPress 5.0. This issue affects all the previous released versions in the past 6 years.

We are an international squad of professionals working as one.

[email protected]