VULHUB ™

DMA[2006-0313a] - Apple OSX Mail.app RFC1740 Real Name Buffer Overflow - After applying Security Update 2006-001 Mail.app becomes vulnerable to a buffer overflow that may be triggered via a properly formatted MIME Encapsuled Macintosh file. Sending a file in the AppleDouble format with a long Real Name entry will invoke the overflow. Reading through RFC1740 should provide enough information to trigger the issue. The overflow is triggered by the file that contains the AppleDouble header information.

DMA[2006-0313a] - Apple OSX Mail.app RFC1740 Real Name Buffer Overflow - After applying Security Update 2006-001 Mail.app becomes vulnerable to a buffer overflow that may be triggered via a properly formatted MIME Encapsuled Macintosh file. Sending a file in the AppleDouble format with a long Real Name entry will invoke the overflow. Reading through RFC1740 should provide enough information to trigger the issue. The overflow is triggered by the file that contains the AppleDouble header information.