CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 1CVE-2002-1770
https://notcve.org/view.php?id=CVE-2002-1770
Qualcomm Eudora 5.1 allows remote attackers to execute arbitrary code via an HTML e-mail message that uses a file:// URL in a t:video tag to reference an attached Windows Media Player file containing JavaScript code, which is launched and executed in the My Computer zone by Internet Explorer. • http://marc.info/?l=bugtraq&m=101680576827641&w=2 http://marc.info/?l=ntbugtraq&m=101680201823534&w=2 http://security.greymagic.com/adv/gm002-ie http://www.securityfocus.com/bid/4343 https://exchange.xforce.ibmcloud.com/vulnerabilities/8609 •
CVSS: 6.4EPSS: 1%CPEs: 6EXPL: 3CVE-2002-2351 – Qualcomm Eudora 5/6 - File Attachment Spoofing
https://notcve.org/view.php?id=CVE-2002-2351
Eudora 5.1 allows remote attackers to bypass security warnings and possibly execute arbitrary code via attachments with names containing a trailing "." (dot). • https://www.exploit-db.com/exploits/21695 https://www.exploit-db.com/exploits/21696 http://cert.uni-stuttgart.de/archive/bugtraq/2002/08/msg00142.html http://www.eudora.com/download/eudora/windows/5.2/RelNotes.txt http://www.securityfocus.com/bid/5432 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2002-1210
https://notcve.org/view.php?id=CVE-2002-1210
Qualcomm Eudora 5.1.1, 5.2, and possibly other versions stores email attachments in a predictable location, which allows remote attackers to read arbitrary files via a link that loads an attachment with malicious script into a frame, which then executes the script in the local browser context. Qualcomm Eudora 5.1.1, 5.2, y posiblemente otras versiones almacenan adjuntos de correo electrónico en una localización predecible, lo que permite a atacantes remotos leer ficheros arbitrarios mediante un enlace que carga un adjunto con script malicioso en un marco, el cual ejecuta el script en el contexto del navegador local. • http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0079.html http://www.idefense.com/advisory/11.19.02b.txt •
CVSS: 7.5EPSS: 8%CPEs: 2EXPL: 1CVE-2002-0833 – Qualcomm Eudora 5 - MIME MultiPart Boundary Buffer Overflow
https://notcve.org/view.php?id=CVE-2002-0833
Buffer overflow in Eudora 5.1.1 and 5.0-J for Windows, and possibly other versions, allows remote attackers to execute arbitrary code via a multi-part message with a long boundary string. • https://www.exploit-db.com/exploits/21680 http://marc.info/?l=bugtraq&m=102858453720304&w=2 http://marc.info/?l=bugtraq&m=102883538924494&w=2 http://www.iss.net/security_center/static/9765.php http://www.securityfocus.com/bid/5397 •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2002-0456
https://notcve.org/view.php?id=CVE-2002-0456
Eudora 5.1 and earlier versions stores attachments in a directory with a fixed name, which could make it easier for attackers to exploit vulnerabilities in other software that rely on installing and reading files from directories with known pathnames. • http://marc.info/?l=bugtraq&m=101622857703677&w=2 http://www.iss.net/security_center/static/8487.php http://www.securityfocus.com/archive/1/262704 http://www.securityfocus.com/bid/4306 •