CVSS: 9.8EPSS: 4%CPEs: 1EXPL: 1CVE-2003-0376 – Qualcomm Eudora 5.x/6.0 - Spoofed Attachment Line Denial of Service
https://notcve.org/view.php?id=CVE-2003-0376
06 Jun 2003 — Buffer overflow in Eudora 5.2.1 allows remote attackers to cause a denial of service (crash and failed restart) and possibly execute arbitrary code via an Attachment Converted argument with a large number of . (dot) characters. Desbordamiento de búfer en Eudora 5.2.1 permite que atacantes remotos causen una denegación de servicio (caída y reinicio fallido) y que posiblemente ejecuten código arbitrario mediante un argumento Attachment Converted con un elevado número de caracteres "." (punto). • https://www.exploit-db.com/exploits/23374 •
CVSS: 7.5EPSS: 3%CPEs: 1EXPL: 1CVE-2003-0336 – Qualcomm Eudora 4.2/4.3 - Warning Message Circumvention
https://notcve.org/view.php?id=CVE-2003-0336
22 May 2003 — Qualcomm Eudora 5.2.1 allows remote attackers to read arbitrary files via an email message with a carriage return (CR) character in a spoofed "Attachment Converted:" string, which is not properly handled by Eudora. • https://www.exploit-db.com/exploits/19885 •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2003-0300
https://notcve.org/view.php?id=CVE-2003-0300
15 May 2003 — The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors. El cliente IMAP para Sylpheed 0.8.11 permite que servidores IMAP remotos dañinos originen una denegación de servicio (caída) mediante ciertos tamaños literales muy largos que causan desbordamientos de búfer de enteros. • http://marc.info/?l=bugtraq&m=105294024124163&w=2 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2003-0302
https://notcve.org/view.php?id=CVE-2003-0302
15 May 2003 — The IMAP Client for Eudora 5.2.1 allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large literal size values that cause either integer signedness errors or integer overflow errors. El cliente IMAP para Eudora 5.2.1 permite que servidores IMAP dañinos provoquen una denegación de servicio y posiblemente ejecuten código arbitrario mediante ciertos valores literales muy grandes que provocan errores de desbordamiento de enteros. • http://marc.info/?l=bugtraq&m=105294024124163&w=2 •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 1CVE-2002-1770
https://notcve.org/view.php?id=CVE-2002-1770
31 Dec 2002 — Qualcomm Eudora 5.1 allows remote attackers to execute arbitrary code via an HTML e-mail message that uses a file:// URL in a t:video tag to reference an attached Windows Media Player file containing JavaScript code, which is launched and executed in the My Computer zone by Internet Explorer. • http://marc.info/?l=bugtraq&m=101680576827641&w=2 •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2002-2313
https://notcve.org/view.php?id=CVE-2002-2313
31 Dec 2002 — Eudora email client 5.1.1, with "use Microsoft viewer" enabled, allows remote attackers to execute arbitrary programs via an HTML email message containing a META refresh tag that references an embedded .mhtml file with ActiveX controls that execute a second embedded program, which is processed by Internet Explorer. • http://lists.grok.org.uk/pipermail/full-disclosure/2002-July/000644.html •
CVSS: 9.8EPSS: 3%CPEs: 6EXPL: 3CVE-2002-2351 – Qualcomm Eudora 5/6 - File Attachment Spoofing
https://notcve.org/view.php?id=CVE-2002-2351
31 Dec 2002 — Eudora 5.1 allows remote attackers to bypass security warnings and possibly execute arbitrary code via attachments with names containing a trailing "." (dot). • https://www.exploit-db.com/exploits/21695 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2002-1210
https://notcve.org/view.php?id=CVE-2002-1210
21 Nov 2002 — Qualcomm Eudora 5.1.1, 5.2, and possibly other versions stores email attachments in a predictable location, which allows remote attackers to read arbitrary files via a link that loads an attachment with malicious script into a frame, which then executes the script in the local browser context. Qualcomm Eudora 5.1.1, 5.2, y posiblemente otras versiones almacenan adjuntos de correo electrónico en una localización predecible, lo que permite a atacantes remotos leer ficheros arbitrarios mediante un enlace que c... • http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0079.html •
CVSS: 9.8EPSS: 4%CPEs: 2EXPL: 1CVE-2002-0833 – Qualcomm Eudora 5 - MIME MultiPart Boundary Buffer Overflow
https://notcve.org/view.php?id=CVE-2002-0833
07 Aug 2002 — Buffer overflow in Eudora 5.1.1 and 5.0-J for Windows, and possibly other versions, allows remote attackers to execute arbitrary code via a multi-part message with a long boundary string. • https://www.exploit-db.com/exploits/21680 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2002-0456
https://notcve.org/view.php?id=CVE-2002-0456
11 Jun 2002 — Eudora 5.1 and earlier versions stores attachments in a directory with a fixed name, which could make it easier for attackers to exploit vulnerabilities in other software that rely on installing and reading files from directories with known pathnames. • http://marc.info/?l=bugtraq&m=101622857703677&w=2 •