4 results (0.003 seconds)

CVSS: 5.0EPSS: 1%CPEs: 20EXPL: 0

Eudora before 6.1.1 allows remote attackers to cause a denial of service (crash) via an e-mail with a long "To:" field, possibly due to a buffer overflow. • http://www.eudora.com/download/eudora/windows/6.1.1/RelNotes.txt http://www.securityfocus.com/bid/10398 https://exchange.xforce.ibmcloud.com/vulnerabilities/16246 •

CVSS: 7.5EPSS: 4%CPEs: 2EXPL: 2

Eudora before 5.1 allows a remote attacker to execute arbitrary code, when the 'Use Microsoft Viewer' and 'allow executables in HTML content' options are enabled, via an HTML email message containing Javascript, with ActiveX controls and malicious code within IMG tags. • https://www.exploit-db.com/exploits/20688 http://marc.info/?l=bugtraq&m=98503741910995&w=2 http://www.securityfocus.com/bid/2490 https://exchange.xforce.ibmcloud.com/vulnerabilities/6262 •

CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0

Eudora mail client includes the absolute path of the sender's host within a virtual card (VCF). • http://www.osvdb.org/1545 http://www.securityfocus.com/archive/1/80888 http://www.securityfocus.com/bid/1653 https://exchange.xforce.ibmcloud.com/vulnerabilities/5206 •

CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0

Eudora 4.1 allows remote attackers to perform a denial of service by sending attachments with long file names. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0427 •