Some email clients are vulnerable to attacks via 'mailto' links

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,048
GNOME Evolution, KDE KMail, IBM/HCL Notes, and older versions of Thunderbird found to be vulnerable.

A lesser-known technology known as "mailto" links can be abused to launch attacks on the users of email desktop clients.

The new attacks can be used to secretly steal local files and have them emailed as attachments to attackers, according to a research paper published last week by academics from two German universities.

The "vulnerability" at the heart of these attacks is how email clients implemented RFC6068 — the technical standard that describes the 'mailto' URI scheme.

Mailto refer to special types of links, usually supported by web browsers or email clients. These are links that, when clicked, they open a new email compose/reply window rather than a new web page (website). [...]
Research paper named "Mailto: Me Your Secrets" [PDF] by academics from Ruhr University Bochum and the Münster University of Applied Sciences.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top