In plain English this means that a specially crafted email sent to the App can crash the email App.

The vulnerability has been assigned CVE-2015-1574 and is deemed critical.

The vulnerability

The bug appears because of incorrect handling of the Content-Disposition header by the Google Email App.

Stock Google Email App for Android Vulnerable to Hacking

Since the program crashes immediately, removing the malicious email is a little bit tricky.

The researchers have written a simple Python script which sends the crafted email to a target email user.

However, they added that updating is not possible in all cases.

Users with rooted Android smartphones can, however, bypass the official update channel and update their App.

Another fix is to download the APK and install it on your smartphone.

You might jump into the PoC written by the researchers here (Python).

source: www.techworm.net