Qualcomm

Eudora

23 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.4

CVE-2002-2351

Exploit
  • EPSS 3%
  • Veröffentlicht 31.12.2002 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Eudora 5.1 allows remote attackers to bypass security warnings and possibly execute arbitrary code via attachments with names containing a trailing "." (dot).

8.8

CVE-2002-2313

  • EPSS 0.22%
  • Veröffentlicht 31.12.2002 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Eudora email client 5.1.1, with "use Microsoft viewer" enabled, allows remote attackers to execute arbitrary programs via an HTML email message containing a META refresh tag that references an embedded .mhtml file with ActiveX controls that execute a...

5

CVE-2002-1210

  • EPSS 0.49%
  • Veröffentlicht 29.11.2002 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Qualcomm Eudora 5.1.1, 5.2, and possibly other versions stores email attachments in a predictable location, which allows remote attackers to read arbitrary files via a link that loads an attachment with malicious script into a frame, which then execu...

7.5

CVE-2002-0833

  • EPSS 4.71%
  • Veröffentlicht 12.08.2002 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Buffer overflow in Eudora 5.1.1 and 5.0-J for Windows, and possibly other versions, allows remote attackers to execute arbitrary code via a multi-part message with a long boundary string.

5

CVE-2002-0456

  • EPSS 0.5%
  • Veröffentlicht 12.08.2002 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Eudora 5.1 and earlier versions stores attachments in a directory with a fixed name, which could make it easier for attackers to exploit vulnerabilities in other software that rely on installing and reading files from directories with known pathnames...

5

CVE-2001-0677

Exploit
  • EPSS 0.98%
  • Veröffentlicht 20.09.2001 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Eudora 5.0.2 allows a remote attacker to read arbitrary files via an email with the path of the target file in the "Attachment Converted" MIME header, which sends the file when the email is forwarded to the attacker by the user.

7.5

CVE-2001-0365

Exploit
  • EPSS 4.82%
  • Veröffentlicht 27.06.2001 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Eudora before 5.1 allows a remote attacker to execute arbitrary code, when the 'Use Microsoft Viewer' and 'allow executables in HTML content' options are enabled, via an HTML email message containing Javascript, with ActiveX controls and malicious co...

7.5

CVE-2001-1326

Exploit
  • EPSS 3.75%
  • Veröffentlicht 29.05.2001 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Eudora 5.1 allows remote attackers to execute arbitrary code when the "Use Microsoft Viewer" option is enabled and the "allow executables in HTML content" option is disabled, via an HTML email with a form that is activated from an image that the atta...

5

CVE-2000-0874

  • EPSS 0.51%
  • Veröffentlicht 14.11.2000 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Eudora mail client includes the absolute path of the sender's host within a virtual card (VCF).

7.5

CVE-1999-0427

  • EPSS 0.56%
  • Veröffentlicht 01.05.2000 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Eudora 4.1 allows remote attackers to perform a denial of service by sending attachments with long file names.