PT-2015-4935 · Al · Al-Mail32

Yosuka Hasegawa · Published 2015-02-20 · Updated 2015-02-20 · CVE-2015-0879

CVSS v2.0: 4.3 (Medium)

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions

AL-Mail32 versions prior to 1.13d

Description

The issue allows remote attackers to cause a denial of service, resulting in an application crash. This can be achieved by including specific device names in the filename of an attachment, such as CON, AUX, or NUL.

Recommendations

For versions prior to 1.13d, update to version 1.13d or later to resolve the issue. As a temporary workaround, consider restricting the types of filenames that can be used for attachments to prevent the inclusion of device names like CON, AUX, or NUL.
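
One way to apply the filename restriction from the workaround at a mail filter in front of the client, shown as an added example that is not code from AL-Mail32 or from this advisory. The function names `is_device_name` and `flagged_attachments` and the sample message are assumptions made for illustration, and the check goes beyond CON, AUX and NUL to cover the rest of the Windows reserved device names.

```python
import re
from email import message_from_string, policy

# CON, AUX and NUL come from the advisory; PRN, COM1-9 and LPT1-9 are the rest
# of the Windows reserved device set, added here as a generalization.
RESERVED = re.compile(r"(CON|PRN|AUX|NUL|COM[1-9]|LPT[1-9])", re.IGNORECASE)

def is_device_name(filename):
    """Return True if an attachment filename maps to a reserved device name."""
    base = re.split(r"[\\/]", filename)[-1]  # last path component only
    # Windows has historically ignored an extension, a trailing colon and
    # trailing spaces on these names, so "aux.txt" or "NUL:" still count.
    stem = re.split(r"[.:]", base, maxsplit=1)[0].rstrip(" ")
    return RESERVED.fullmatch(stem) is not None

def flagged_attachments(raw_message):
    """List attachment filenames in a raw message that should be rejected or renamed."""
    msg = message_from_string(raw_message, policy=policy.default)
    names = (part.get_filename() for part in msg.walk())
    return [n for n in names if n and is_device_name(n)]

# Constructed sample message (not taken from the advisory).
SAMPLE = """\
From: sender@example.com
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="report.pdf"

data
--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="aux.txt"

data
--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="NUL"

data
--b1--
"""

if __name__ == "__main__":
    print(flagged_attachments(SAMPLE))
```

A filter like this only covers the temporary workaround; the fix remains updating to version 1.13d or later.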

Fix

RCE


Weakness Enumeration

Related Identifiers

CVE-2015-0879

Affected Products

Al-Mail32