thanks for looking into this. However, I disagree with your conclusion.
The attack scenario would be that an attacker tricks a victim into
opening a malicious crash file. On my Ubuntu system apport is the default handler for files ending in ".crash" so a simple click on a malicious email attachment is sufficient. Processing crash files should not lead to malicious code being executed in the same way processing a PDF or JPEG file should not lead to malicious code execution.
Hi Tyler,
thanks for looking into this. However, I disagree with your conclusion.
The attack scenario would be that an attacker tricks a victim into
opening a malicious crash file. On my Ubuntu system apport is the default handler for files ending in ".crash" so a simple click on a malicious email attachment is sufficient. Processing crash files should not lead to malicious code being executed in the same way processing a PDF or JPEG file should not lead to malicious code execution.
I think you actually fixed a very similar bug a couple of months ago and also assigned a CVE to it: /bugs.launchpad .net/apport/ +bug/1648806
https:/