Outlook For Android Directory Traversal

Posted by deepcore on December 18, 2017 – 2:26 am

There is a directory traversal issue in attachment downloads in Outlook for Android. There is no path sanitization on the attachment filename in the app. If the email account is a Hotmail account, this will be sanitized by the server, but for other accounts it will not be. This allows a file to be written anywhere on the filesystem that the Outlook app can access when an attached image is viewed in the Outlook app.

This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.

« Telegram Messenger For Android Directory Traversal WordPress Placemarks 2.0.0 Cross Site Scripting »

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

Outlook For Android Directory Traversal

Post a reply

Tabs Switcher

Categories

Archives

Meta

BLOGROLL