JVNDB-2006-000602

Multiple email clients vulnerable in handling an attachement inapropriately

Some email clients contain a vulnerability which may crash themselves as they do not properly handle an attached file with an particular file name.

Hitachi, Ltd

• GroupMail/Client 01-01 - 01-21-/G
• GroupMail/Client (dosv) 01-21-/C - 01-21-/D
• Groupmax Integrated Desktop Version 2.0 02-10 - 02-31-/S
• Groupmax Integrated Desktop Version 3 03-00 - 03-10-/P
• Groupmax Integrated Desktop Version 5 05-00 - 05-11-/H
• Groupmax Integrated Desktop Version 6 06-00 - 06-52-/C
• Groupmax Integrated Desktop Version 7 07-00 - 07-20-/C
• Groupmax World Wide Web Desktop Version 2.0
• Groupmax World Wide Web Desktop Version 3
• Groupmax World Wide Web Desktop Version 5
• Groupmax World Wide Web Desktop Version 6 02-00 - 02-31-/I
• Groupmax World Wide Web Desktop for Jichitai 06-51 - 06-52-/A
• Mail Client 02-00 - 02-31-/E

Actual impact could differ depending on the email clients though, email clients may crash when hadling an attached file with a particular file name. Other possible impacts could be an attached file not being saved or hanged up while in the saving process, or an error message being displayed on the application related to the attached file.

Hitachi, Ltd

• Hitachi Software Vulnerability Information : HS06-006

1. CVE-2006-2087

1. JVN : JVN#89344424
2. National Vulnerability Database (NVD) : CVE-2006-2087
3. Secunia Advisory : SA19840
4. ISS X-Force Database : 26099
5. FrSIRT Advisories : FrSIRT/ADV-2006-1539
6. OPEN SOURCE VULNERABILITY DATABASE (OSVDB) : 24969

• [2008/05/21]
    Web page published