CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 1CVE-2001-0677
https://notcve.org/view.php?id=CVE-2001-0677
20 Sep 2001 — Eudora 5.0.2 allows a remote attacker to read arbitrary files via an email with the path of the target file in the "Attachment Converted" MIME header, which sends the file when the email is forwarded to the attacker by the user. • http://www.osvdb.org/3085 •
CVSS: 9.8EPSS: 9%CPEs: 1EXPL: 0CVE-2001-1318
https://notcve.org/view.php?id=CVE-2001-1318
16 Jul 2001 — Vulnerabilities in Qualcomm Eudora WorldMail Server may allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite. • http://ciac.llnl.gov/ciac/bulletins/l-116.shtml •
CVSS: 8.8EPSS: 4%CPEs: 2EXPL: 2CVE-2001-0365 – Qualcomm Eudora 5.0.2 - 'Use Microsoft Viewer' Code Execution
https://notcve.org/view.php?id=CVE-2001-0365
27 Jun 2001 — Eudora before 5.1 allows a remote attacker to execute arbitrary code, when the 'Use Microsoft Viewer' and 'allow executables in HTML content' options are enabled, via an HTML email message containing Javascript, with ActiveX controls and malicious code within IMG tags. • https://www.exploit-db.com/exploits/20688 •
CVSS: 8.8EPSS: 3%CPEs: 1EXPL: 2CVE-2001-1326 – Qualcomm Eudora 5.1 - Hidden Attachment Execution
https://notcve.org/view.php?id=CVE-2001-1326
29 May 2001 — Eudora 5.1 allows remote attackers to execute arbitrary code when the "Use Microsoft Viewer" option is enabled and the "allow executables in HTML content" option is disabled, via an HTML email with a form that is activated from an image that the attacker spoofs as a link, which causes the user to execute the form and access embedded attachments. • https://www.exploit-db.com/exploits/20888 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2000-0874
https://notcve.org/view.php?id=CVE-2000-0874
14 Nov 2000 — Eudora mail client includes the absolute path of the sender's host within a virtual card (VCF). • http://www.osvdb.org/1545 •
CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 5CVE-2000-0342 – Qualcomm Eudora 4.2/4.3 - Warning Message Circumvention
https://notcve.org/view.php?id=CVE-2000-0342
28 Apr 2000 — Eudora 4.x allows remote attackers to bypass the user warning for executable attachments such as .exe, .com, and .bat by using a .lnk file that refers to the attachment, aka "Stealth Attachment." • https://www.exploit-db.com/exploits/19885 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-1999-0427
https://notcve.org/view.php?id=CVE-1999-0427
04 Feb 2000 — Eudora 4.1 allows remote attackers to perform a denial of service by sending attachments with long file names. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0427 •
CVSS: 7.4EPSS: 8%CPEs: 4EXPL: 2CVE-1999-1016 – Microsoft Internet Explorer 5 - HTML Form Control Denial of Service
https://notcve.org/view.php?id=CVE-1999-1016
27 Aug 1999 — Microsoft HTML control as used in (1) Internet Explorer 5.0, (2) FrontPage Express, (3) Outlook Express 5, and (4) Eudora, and possibly others, allows remote malicious web site or HTML emails to cause a denial of service (100% CPU consumption) via large HTML form fields such as text inputs in a table cell. • https://www.exploit-db.com/exploits/19471 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-1999-1448
https://notcve.org/view.php?id=CVE-1999-1448
29 Jul 1998 — Eudora and Eudora Light before 3.05 allows remote attackers to cause a crash and corrupt the user's mailbox via an e-mail message with certain dates, such as (1) dates before 1970, which cause a Divide By Zero error, or (2) dates that are 100 years after the current date, which causes a segmentation fault. • http://marc.info/?l=bugtraq&m=90221104526168&w=2 •