Page 6 of 29 results (0.004 seconds)

CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 5

Eudora 4.x allows remote attackers to bypass the user warning for executable attachments such as .exe, .com, and .bat by using a .lnk file that refers to the attachment, aka "Stealth Attachment." • https://www.exploit-db.com/exploits/19885 https://www.exploit-db.com/exploits/22627 https://www.exploit-db.com/exploits/23398 https://www.exploit-db.com/exploits/23399 http://news.cnet.com/news/0-1005-200-1773077.html?tag=st.ne.fd.lthd.1005-200-1773077 http://www.peacefire.org/security/stealthattach/explanation.html http://www.securityfocus.com/bid/1157 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0

Eudora 4.1 allows remote attackers to perform a denial of service by sending attachments with long file names. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0427 •

CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 2

Microsoft HTML control as used in (1) Internet Explorer 5.0, (2) FrontPage Express, (3) Outlook Express 5, and (4) Eudora, and possibly others, allows remote malicious web site or HTML emails to cause a denial of service (100% CPU consumption) via large HTML form fields such as text inputs in a table cell. • https://www.exploit-db.com/exploits/19471 http://marc.info/?l=ntbugtraq&m=93578772920970&w=2 http://www.securityfocus.com/bid/606 •

CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0

Eudora and Eudora Light before 3.05 allows remote attackers to cause a crash and corrupt the user's mailbox via an e-mail message with certain dates, such as (1) dates before 1970, which cause a Divide By Zero error, or (2) dates that are 100 years after the current date, which causes a segmentation fault. • http://marc.info/?l=bugtraq&m=90221104526168&w=2 •