Airmail 3 for Mac Advisory:EventHandler Race Condition: CVE-2018-15670

Home | Research | Resources | Advisories | Airmail 3 for Mac

Airmail 3 for Mac

EventHandler Race Condition

CVE ID

CVE-2018-15670

VENDOR

Bloop S.R.L.

PRODUCT

Airmail 3 for Mac

Product version

3.5.9

Vulnerability Details

Airmail's primary WebView instance implements "webView:decidePolicyForNavigationAction:request:frame:decisionListener:" such that "OpenURL" is the default URL handler. A navigation request is processed by the default URL handler only if the "currentEvent" is "NX_LMOUSEUP" or "NX_OMOUSEUP". An attacker may abuse HTML Elements with an EventHandler for a chance to validate navigation requests for URLs that are processed during the "NX_LMOUSEUP" event triggered by clicking an email.

Learn More →

Vendor response

No response.

Disclosure timeline

08-06-2018 - Vendor disclosure via email
08-13-2018 - Vendor notified via Support Page
08-21-2018 - Vendor notified of the advisory release

Google Cloud Platform (GCP) Security – 5 Key Features of Google Stackdriver

Blog Post

clo

Stackdriver provides a centralized method of receiving signals, logs, metrics, and traces from your GCP resources, so you can quickly see when there is any alert on your cloud.

Mozilla Firefox Patches Multiple Zero Days

Blog Post

Web Application Security

Mozilla Firefox has patched multiple zero days that could lead to arbitrary code being executed remotely. Read more on the vulnerabilities and remediation recommendations. The first vulnerability that was patched was a Universal Cross-site Scripting (UXSS) attack, this attack worked on any Windows, MacOS and Linux device.

Understanding Google Cloud Platform (GCP) Concepts

Blog Post

Web Application Security

In previous posts, we have covered security around Azure and AWS cloud solutions and now it’s time to look at the third big contestant, Google Cloud Platform.

We are an international squad of professionals working as one.

[email protected]