---
gem: mail
osvdb: 131677
url: http://www.mbsd.jp/Whitepaper/smtpi.pdf
title: Mail Gem for Ruby vulnerable to SMTP Injection via recipient email addresses
date: 2015-12-09
description: |
  Because the Mail Gem for Ruby does not validate or impose a length limit on
  email address fields, an attacker can modify messages sent with the gem via a
  specially-crafted recipient email address.

  Applications that validate email address format are not affected by this
  vulnerability.

  The recipient attack is described in Terada, Takeshi. "SMTP Injection via
  Recipient Email Addresses." 2015. The attacks described in the paper (Terada,
  p. 4) can be applied to the library without any modification.
patched_versions:
- ">= 2.6.0"