Inappropriate interpretation of mailto URL scheme by mail client software


The mailto URL scheme is used to designate an Internet email address on a web page. Specifying an email address and body text with the mailto URL scheme gives a template for a mail message. Many mail clients have a function that sets the fields specified by a mailto URL in the mail header.

RFC2368, which defines the mailto URL scheme, points out the following in its Security Considerations section.

- A mail client should never send anything without complete disclosure to the user of the full message created from the mailto URL
- It should explicitly display any headers along with the message destination.
- It is inappropriate to set a header related to mail delivery based on the contents of the mailto URL

However, some mail clients set headers related to mail delivery based on the contents of the mailto URL, or do not explicitly display the full header.
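As an added example, not part of the JVN advisory, the following shows how a mail client can apply RFC2368's Security Considerations when interpreting a mailto URL: only content headers are copied into the draft, delivery-related headers such as Bcc or From are dropped and reported, and the full draft is rendered for the user's confirmation before anything is sent. The allow-list, the handling of `to`/`cc` as displayed destinations, and the rejection of CR/LF inside header values are assumptions of this example, not requirements stated on the page.

```python
"""Interpret a mailto: URL conservatively, as RFC2368's Security Considerations ask."""
from urllib.parse import unquote

# Policy assumed for this example (not from the advisory): headers that may be copied
# from the URL into the draft. Anything else, in particular headers that steer delivery
# (bcc, from, reply-to, apparently-to, ...), is refused and reported to the caller.
SAFE_HEADERS = {"subject", "keywords", "body"}   # message content, always shown to the user
DESTINATION_HEADERS = {"to", "cc"}               # recipients, must be displayed in full


def parse_mailto(url):
    """Return (draft, rejected): draft maps header name -> list of values that the
    client will honour; rejected lists the (name, value) pairs it refused."""
    if not url.lower().startswith("mailto:"):
        raise ValueError("not a mailto URL")
    addr_part, _, query = url[len("mailto:"):].partition("?")
    draft, rejected = {}, []
    if addr_part:
        # RFC2368: the address part is a comma-separated list and may be %-encoded
        draft["to"] = [a.strip() for a in unquote(addr_part).split(",") if a.strip()]
    # Split on '&' before decoding so an encoded '%26' inside a value cannot add fields
    for field in filter(None, query.split("&")):
        name, _, value = field.partition("=")
        name, value = unquote(name).strip().lower(), unquote(value)
        allowed = name in SAFE_HEADERS or name in DESTINATION_HEADERS
        # A CR/LF in a header value would smuggle extra header lines (e.g. a Bcc) into
        # the message; only the body legitimately contains %0D%0A line breaks
        if not allowed or (name != "body" and ("\r" in value or "\n" in value)):
            rejected.append((name, value))
            continue
        values = [v.strip() for v in value.split(",")] if name in DESTINATION_HEADERS else [value]
        draft.setdefault(name, []).extend(v for v in values if v)
    return draft, rejected


def render_for_confirmation(draft):
    """Full disclosure: every header that will be sent, rendered for the user to review."""
    lines = [f"{n.capitalize()}: {', '.join(draft[n])}"
             for n in ("to", "cc", "subject", "keywords") if n in draft]
    if "body" in draft:
        lines += ["", "\n".join(draft["body"])]
    return "\n".join(lines)


if __name__ == "__main__":
    # Constructed sample URL: a page trying to add a hidden recipient via bcc
    sample = ("mailto:alice@example.com?cc=bob@example.com&subject=Hello%20world"
              "&bcc=eve@example.com&body=line1%0D%0Aline2")
    draft, rejected = parse_mailto(sample)
    print(render_for_confirmation(draft))
    print("refused headers:", rejected)
```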

We published this issue on JVN in coordination with developers, to publicize the issue to users and mail client developers.
CVSS Severity

CVSS V2 Severity:
Base Metrics 4.3 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Medium
  • Authentication: None
  • Confidentiality Impact: None
  • Integrity Impact: Partial
  • Availability Impact: None
Affected Products

Edcom Inc.
  • EdMax Ver3.05 and earlier
  • EdMax Free Ver2.85.5F and earlier
Allied Telesis
  • AT-Mail Server
Orangesoft Inc.
  • Winbiff V2.43PL1 and earlier
JustSystems Corporation
  • Shuriken Pro3
  • Shuriken Pro4
RIMARTS
  • Becky! Internet Mail Ver.2.21.01 and earlier
Saitoh Kikaku
  • Hidemaru Mail Version4.12 and earlier

Impact

An email message may be sent to recipients to whom the user does not intend to send it.

Vendor Information

Edcom Inc.
Allied Telesis
Orangesoft Inc.
JustSystems Corporation
  • Shuriken Support Desk : shuriken (Japanese)
RIMARTS
Saitoh Kikaku
  • Hidemaruo's Homepage : news2005 (Japanese)

References

  2. IETF : RFC2368: The mailto URL scheme
Revision History

  • [2008/05/21]
      Web page published