4 results (0.004 seconds)

CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 0

QUALCOMM Eudora WorldMail 4.0 allows remote attackers to cause a denial of service, as demonstrated by a certain module in VulnDisco Pack. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. As of 20061118, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. QUALCOMM Eudora WorldMail 4.0 permite a atacantes remotos provocar una denegación de servicio, como ha sido demostrado por cierto módulo en VulnDisco Pack. • http://secunia.com/advisories/22836 http://web.archive.org/web/20060502082622/www.gleg.net/vulndisco_pack_professional.shtml http://www.securityfocus.com/bid/21099 •

CVSS: 5.0EPSS: 1%CPEs: 20EXPL: 0

Eudora before 6.1.1 allows remote attackers to cause a denial of service (crash) via an e-mail with a long "To:" field, possibly due to a buffer overflow. • http://www.eudora.com/download/eudora/windows/6.1.1/RelNotes.txt http://www.securityfocus.com/bid/10398 https://exchange.xforce.ibmcloud.com/vulnerabilities/16246 •

CVSS: 7.5EPSS: 4%CPEs: 2EXPL: 2

Eudora before 5.1 allows a remote attacker to execute arbitrary code, when the 'Use Microsoft Viewer' and 'allow executables in HTML content' options are enabled, via an HTML email message containing Javascript, with ActiveX controls and malicious code within IMG tags. • https://www.exploit-db.com/exploits/20688 http://marc.info/?l=bugtraq&m=98503741910995&w=2 http://www.securityfocus.com/bid/2490 https://exchange.xforce.ibmcloud.com/vulnerabilities/6262 •

CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 5

Eudora 4.x allows remote attackers to bypass the user warning for executable attachments such as .exe, .com, and .bat by using a .lnk file that refers to the attachment, aka "Stealth Attachment." • https://www.exploit-db.com/exploits/19885 https://www.exploit-db.com/exploits/22627 https://www.exploit-db.com/exploits/23398 https://www.exploit-db.com/exploits/23399 http://news.cnet.com/news/0-1005-200-1773077.html?tag=st.ne.fd.lthd.1005-200-1773077 http://www.peacefire.org/security/stealthattach/explanation.html http://www.securityfocus.com/bid/1157 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •